How to Integrate your Custom Web Authentication Provider

Top  Previous  Next

z/Scope Anywhere processes and forwards the received parameters depending on how it is configured.

 

How the z/Scope External Web Authentication Provider manages the received parameters

 

Using the GET HTTP method: the parameters will be forwarded to the validation URL using a QueryString(*).

For example:

http://zscope.anywhere.server:8023/authprov/?mySessionID=12345678&myUserID=JDoe

 

Using the POST HTTP method: the parameters will be forwarded on the request body as a JSON object(*).

For example:

{

   "mySessionID": "12345678",

   "myUserID": "JDoe"

}

 

Field Masks (*)

 

A Field Mask is a parameter enclosed within brackets. The field masks are used in the validation URL to customize it according to your needs.

These field masks aren’t part of the data (QueryString or JSON) that z/Scope Anywhere will send to the validation URL.

 

For example, if the validation URL is set to:

https://auth.server.domain/isValid/{mySessionID}/

z/Scope Anywhere will call the URL replacing the field mask with the values assigned to these parameters in the ajax call:

https://auth.server.domain/isValid/12345678/

 

What the validation URL should return

 

The validation URL must return a JSON object that indicates if the authentication worked.

 

When the authentication fails, it should return a JSON with this format:

{

   "isValid": false,

   "redirectTo": "http://auth.server.domain/accessdenied.html"

}

This indicates that the external authentication has failed and redirects the users to a web page that handles this situation.

 

When the authentication is successful, it should to return a JSON following this format:

{

   "isValid": true,

   "username": "Company\\UserID",

   "fullname": "John Doe",

   "redirectTo": "http://auth.server.domain/integratedpage.html"

}

This indicates that the external authentication has been successful and redirects the users to a web page with the z/Scope Anywhere integration.

 

 

Read More:

Enabling z/Scope Anywhere ADS authentication
Enabling and Configuring the External Web Authentication Provider
How to Use the External Web Authentication Provider