Access Management Web Portal

Server Connection

Through the Access Management function you can manage the external accounts that packages can use on your local instance to authenticate themselves with remote systems. The external account (the calling instance) is the counterpart of the server account (the called instance). You set this up on the Server Connection tab in the Access Management portal.

Access Management has a wizard to connect two LogicNets systems with each other. You initiate this wizard on the source system (the instance doing the calling). The target asks you for the target server address (e.g. https://<hostname>/<company>) and the purpose of the account. The target or called server claims the required user rights based on this purpose.

 

The system generates a RSA-key pair and sends the public key and purpose to the target server. The user logs in to the target server and is asked for consent.

 

The system creates a server account on the target instance after the user gives consent and stores the the provided public key as an authentication key. Then the browser redirects the call back to the source instance and creates an external account on the source instance together with the private key.

A client application/project can use the ‘authentication.external_users’-part to retrieve the password/authentication bearer and pass that bearer via the call-webservice part. It is also possible for you to add external accounts manually. You use this option when the target system is not a LogicNets-based system and does not support automatic account creation.