There are 3 steps to setting up Token-Based Authentication
- Create an Authentication Workflow
- Configure the Authentication Workflow as the Authentication Override
- Configure Resources to use the Authentication Override
Step 1 Create an Authentication Workflow
First, you will need to create a workflow for authenticating a request.
Check out Creating an Authentication Workflow for the example used in this tutorial.
Ensure that the workflow is Public and returns recordset [[UserGroups(*).Name]] marked as Output.
Step 2 Configure the Authentication Workflow as the Authentication Override
1. Open the Settings by clicking on the Settings button in the toolbar.
2. It will default to Security tab as seen below:
In Server Permissions, check View and Execute in the checkboxes for Public and click Save.
For Token-Based Authentication, we will be focusing on the Resource Permissions and Authentication Override.
3. In Resource Permissions select the resource picker as seen below and select the Authentication Workflow created in step 1.
4. In the Windows Group make the workflow Public and select View and Execute in the checkboxes and click Save.
5. In the Authentication Override, click the resource picker and select the same Authentication Workflow configured in Resource Permissions. Click Save.
Note: If the Authentication Workflow was not set to Public in the previous step or does not return recordset [[UserGroups(*).Name]] as an Output, a popup error will appear when the resource is selected from the resource picker and it will not allow you to select it.
6. Authentication Override has now been configured. The Security settings will look as follows:
Step 3 Set up Resources to use the Authentication Override
Once you have decided which workflows will be executed using Token-Based Authentication, they can be configured in the Resource Permissions as follows:
1. Click on the resource picker in Resource Permissions and select the workflow you would like to execute using Token-Based Authentication.
2. In this example, we have configured 2 workflows to be authenticated against a Windows Group called Collections. This is not a true Windows Group but it is utilized for Token-Based Authentication.
This group will need to be returned in the [[UserGroups(*).Name]] recordset configured in the Authentication Workflow. This forms part of authenticating the token.
Remember to check View and Execute and click Save.
For help on executing the workflow check out this article which explains how to execute a token-based workflow