API Authentication Methods
Starting October 19, 2022, you can connect your corporate identity provider to using the Platform's Identity service. Once connected, Platform will act as an identity broker between your IdP (Identity Provider) and , allowing your users to securely access all products and the support, documentation, and community portals using the same credentials they use throughout your enterprise.
If you have not yet migrated your single sign-on (SSO) and user management to the Platform and want to do so, write to support@digital.ai for assistance.
If you have any further questions, please reach out to your contact or write to support@digital.ai.
Depending upon where your Digital.ai Agility instance is installed and how it's configured, there are special considerations for accessing therest API. In most of the documentation, you'll see therest-1.v1endpoint referenced in examples. You may need to use rest-1.oauth.v1instead under certain conditions.
Currently, however, if your instance is configured with Windows Integrated Authentication Mode and you want your code to use Access Tokens, you will need to use a slight variation namedrest-1.oauth.v1.
Important:We will remove therest-1.oauth.v1endpoint in a future release. When we do this, we will changerest-1.v1to workonlywith Access Token.
Current Options
This table summarizes the current options:
| Installation Type | Authentication Mode | rest-1.v1supports: | rest-1.oauth.v1supports: |
| On-Premise | Digital.ai Agility | Access Token | Access Token |
| On-Premise | Windows Integrated Authentication | Windows Integrated Authentication (for capable clients) | Access Token |
| On-Demand | Digital.ai Agility | Access Token | Access Token |
| On-Demand | SSO | Not Available | Access Token |
Basic Auth Information
As of this writing, you are able to use Basic Auth (username / password) anywhere the table showsAccess Tokenabove with the exceptions of an On-Premise instance configured in Windows Integrated Authentication Mode and an On-Demand SSO instance. But, like therest-1.oauth.v1endpoint, this capability will also be removed in a future release. Thus, we recommend transitioning to Access Token now.
Future Options
As mentioned above, we will be removingrest-1.oauth.v1and Basic Auth completely in a future release. The following table summarizes what the options will look like at that time:
| Installation Type | Authentication Mode | rest-1.v1supports: |
| On-Premise | Digital.ai Agility | Access Token |
| On-Premise | Windows Integrated Authentication | Access Token |
| On-Demand | Digital.ai Agility | Access Token |
| On-Demand | SSO | Access Token |
Single Sign On Authentication Considerations
On-Premise
Note that if you are using On-Premise Single Sign On Authentication (SSO), you must configure your SSO provider's rules to either allow or denyrest-1.v1and/orrest-1.oauth.v1. We recommend just exposingrest-1.v1, sincerest-1.oauth.v1will eventually be removed.
On-Demand
If you are using On-Demand Single Sign On, then your code must authenticate with an Access Token. We recommend coding against therest-1.v1endpoint, sincerest-1.ouath.v1will eventually be removed.