Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1631
Views
10
Helpful
10
Replies

How to make a RESI call to windows NTLM secured API?

Go to solution
House Cat
Level 1
Level 1

‎04-12-2020 09:53 PM

Greetings,

In my UCCX script I'm trying to "make rest call" to NTLM (integrated windows authentication), i've tried just username and domain\username - no luck.

Guess, UCCX is lunix and doesn't support NTLM.

 

How can i make this work?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee
In response to Sean Lynch

‎04-13-2020 11:15 AM

@Sean Lynch wrote:

...UCCX REST API calls to third party servers is only supported by basic authentication.

Actually, you can use more than just Basic Auth with the Make REST Call step.  In fact, the documentation gives an example of using token based auth.

 

uccx-make-rest-headers.png

uccx-make-rest-headers-doc.png

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee

‎04-13-2020 09:38 AM

I don't have a way, that I know of, to test this at the moment, but according to this site:
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/understanding-http-authentication

It says:
"NTLM authentication requires multiple exchanges between the client and server. The server and any intervening proxies must support persistent connections to successfully complete the authentication."

And to the best of my knowledge, neither one of those two things required: multiple exchanges or persistent connections, are available with the make rest call step.

Therefore, you might need to look into doing this with pure Java implementation, like so:
https://stackoverflow.com/questions/42350027/http-post-requests-unsing-ntlm-authentication-java

However, if you've never adapted a pure java solution to UCCX, you might find that it's either impossible, or at the very least, pretty complex. In the most extreme cases of success, you will have to upload some java libraries to the UCCX Engine and restart the server before you can even test the code out.

I don't know your level of expertise with all of this, and the skills required to solve it span MS, Java, UCCX and Web Development, so it can be a tricky task for anyone to do on their own. Do you have co-workers in one or more of these area to assist you?
0 Helpful

Go to solution
Sean Lynch
Level 7
Level 7

‎04-13-2020 09:43 AM

I'm not entirely certain of what you are attempting.  From what I understand, UCCX REST API calls to third party servers is only supported by basic authentication.  At this time I can't find a specific reference--and I know I've seen one on the DEVnet site.

Basic auth with certificate validation...  A signed security certificate must be uploaded to the UCCX Tomcat store, so UCCX will trust the third party web service/REST API target.

" ...If you access the external secure REST APIs, upload certificates to platform Tomcat's keystore. The engine Tomcat picks them up from platform Tomcat."  (from the 'Help' file on the REST API palette item).

Hope this helps.

-Sean

 

0 Helpful

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee
In response to Sean Lynch

‎04-13-2020 11:15 AM

@Sean Lynch wrote:

...UCCX REST API calls to third party servers is only supported by basic authentication.

Actually, you can use more than just Basic Auth with the Make REST Call step.  In fact, the documentation gives an example of using token based auth.

 

uccx-make-rest-headers.png

uccx-make-rest-headers-doc.png

0 Helpful

Go to solution
Sean Lynch
Level 7
Level 7
In response to Anthony Holloway

‎04-13-2020 02:19 PM

...ah, yes.  More things to learn.  I will need to be more specific in the future, as I am still only working on UCCX release 10.6(1):

2020-0413-restAPI106.png

...only has Basic Auth

 

For the latest release as referenced on DevNET:

2020-0413-restAPI12x.png

...I have a lot to look forward to (and learn) once we upgrade.  Yup yup.

-Sean

0 Helpful

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee
In response to Sean Lynch

‎04-13-2020 02:29 PM

I see, yeah, 10.6(1) is pretty limited. You also get to look forward to the XML companion steps for JSON in 11.6+!
0 Helpful

Go to solution
Sean Lynch
Level 7
Level 7
In response to Anthony Holloway

‎04-14-2020 09:50 AM

...the JSON stuff is what I'm really going to be focused on--as we are switching to a middle-ware solution that responds with JSON.
Looking forward to it. ...and I'm sure I'll be posting quite a bit to this effect when we arrive.
Thanks!
-Sean
0 Helpful

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee
In response to Sean Lynch

‎04-14-2020 11:13 AM

You replied in a JSON Path thread somewhat recently, and I also replied. Be sure to read my response, because Jaway JSONPath is a little different than most. Good luck.

Go to solution
Sean Lynch
Level 7
Level 7
In response to Anthony Holloway

‎04-14-2020 11:41 AM

Yup. I saw it. And bookmarked...
-Sean
0 Helpful

Go to solution
House Cat
Level 1
Level 1
In response to Sean Lynch

‎04-14-2020 09:56 PM

I read this post and called up to API owner, eventually negotiated to basic auth :)

Go to solution
Anthony Holloway
Cisco Employee
Cisco Employee
In response to House Cat

‎04-14-2020 11:12 PM

Good to know!
0 Helpful
Customers Also Viewed These Support Documents