33 lines
1.1 KiB
Org Mode
33 lines
1.1 KiB
Org Mode
|
:PROPERTIES:
|
||
|
:ID: b073b659-19e2-4402-b3ef-087ee67aa201
|
||
|
:END:
|
||
|
#+Title: Full Integration Development Doc
|
||
|
#+Author: Yann Esposito
|
||
|
#+Date: [2023-07-17]
|
||
|
|
||
|
- tags ::
|
||
|
- source ::
|
||
|
|
||
|
* Full Integration Development Doc
|
||
|
|
||
|
*Full Integration with XDR:*
|
||
|
Your UI is hosted on the same URL as XDR.
|
||
|
|
||
|
Steps:
|
||
|
|
||
|
1. Check which URL/APIs your integration will use (check the scope in Swagger UI)
|
||
|
2. Create a client with these scopes (Authorization Code Grant)
|
||
|
3. Test your integration with this client:
|
||
|
- With normal clients: use =/iroh/oauth2/authorize= to retrieve a refresh token.
|
||
|
- With trusted clients (you must ask the IROH team to bless it)
|
||
|
Retrieve a refresh token from any account of your own IROH org
|
||
|
by using =/iroh/ouauth2/cumstom= endpoints using your own session token.
|
||
|
4. Once the tests are conclusive:
|
||
|
- create a new client per IROH environment (INT, TEST, PROD NAM, PROD EU,
|
||
|
PROD APJC)
|
||
|
- Ask the IROH (XDR-backend) team to bless these new clients as "trusted" and
|
||
|
change their availability to =everyone=.
|
||
|
|
||
|
*Optionally*, improve the security of your API by asking to add an audience to
|
||
|
your client.
|