Configuring the authentication credentials of REST API web services

BMC Helix Innovation Studio allows you to connect your application with the REST API web services of another application in a codeless way. After creating a one-time REST API web service definition, you must configure the authentication credentials of the REST API web services to which you want to connect in a codeless way. For example, if you want to connect to a JIRA REST API web service, you must configure the authentication credentials of JIRA service. 

BMC Helix Innovation Studio supports Basic Authentication (Basic Auth), Open Authorization 2.0 (OAuth 2.0) with client_credentials grant type, BMC Helix Single Sign-On, Custom, and Remedy (Without BMC Helix Single Sign-On), and OAuth token exchange.

Before you begin

• Ensure that you have the authentication credentials of the REST API web service that you want your application to connect to. 
• Ensure that you have created the RESTful web service request definition. For more information, see Creating a REST API web service request definition. 
  For example, if you want to provide the authentication credentials of JIRA REST service, you must create the JIRA web service request definition.  
•  If you want to use Remedy SSO, ensure that the OAuth client is registered in BMC Helix Single Sign-On (RSSO). When registering OAuth 2.0, ensure that you copy the Client ID and Client secret. To see the steps to register a client, see  Configuring OAuth 2.0  in BMC Helix Single Sign-Ononline documentation.

To configure the authentication credentials

1. Log in to BMC Helix Innovation Studio and navigate to the Administration tab. 
2. Select Integrations> Web APIs > Web API connections. 
3. On the Web API Connection page, click New.
4. On the General tab, in the Name field, type a meaningful name for the REST API web service connection, such as JIRA connection.
5. In Host name, provide the host name from which the connection is established, such as jira.com.
6. Fill out the Port and the Protocol fields.
7. In Authentication, select one of the supported types: Basic Auth, OAuth  2.0, RSSO, Remedy, OAuth token exchange, or Custom.

8. To add the authentication credentials, click Next. 
   The following image is an example of configuring authentication credentials for JIRA REST API:
   
   The following table lists the field values that you should specify based on the authentication that you select:

   Authentication	Description	Field values
   Basic Auth	Allows you to enable a basic authentication method and provide a user name and password when making a request.	Login—Enter basic authorization user name of the REST API web service. Password—Enter the password of the basic authorization protocol. (Optional) HTTP headers—Add the headers and the values if the REST API web service requires custom headers to establish a connection.
   OAuth 2.0	Allows you to have applications that act as OAuth clients and interact with applications protected by BMC Helix Single Sign-On, and have applications hosted on different top-level domains which are integrated with the same BMC Helix Single Sign-On server.	Grant type—Select client_credentials as the grant type. Access Token URL—Enter the resource of the URL from which access tokens are generated for the REST service. Example: If the URL is http://api.jira.com/oauth2/token, in the Access Token URL field, type /oauth2/token. Client ID—Enter the client ID of the REST API service. Client secret—Enter the client secret of the REST API service. Client credentials transfer mechanism—Select one of the following options: Authorization request header—To provide credentials that authenticate a user with a server, allowing access to a protected resource. Form parameters—To add the form parameters if the RESTful service requires custom form parameters to control what data is returned. Redirect URI—Add the URI to which the authorization code is sent after an /authorize request succeeds. The client-side must support the URI. For more information, see  Configuring OAuth 2.0 . (Optional) Scope—Specify the restricted scope of access for these credentials. (Optional) Authorization server endpoint—Specify the server name. (Optional) Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection. (Optional) Add form parameters—Add the form parameters and the values if the RESTful service requires custom parameters to establish a connection.
   RSSO	Allows you to connect your application with the REST API web of another application with BMC Helix Single Sign-On in a codeless way.	Login—Enter the Remedy SSO user name. Access token URL—Enter the resource of the URL from which access tokens are generated for the REST service. For example; If the URL is http://api.servername.com/rsso/oauth2/token, in the Access Token URL field, type /rsso/oauth2/token. In Client ID and Client Secret, enter the details that you obtained when registering the OAuth client. (Optional) RSSO server endpoint—Select one of the following options: Default—If the Remedy SSO server is the same as the Hostname provided on the General tab. Custom—If the Remedy SSO server is different than the one specified as the Hostname provided on the General tab, enter the RSSO server endpoint in the following format: https:/servername:port (Optional) Add HTTP headers—Add the headers and the values if the RESFful service requires custom headers to establish a connection.
   Custom	Allows you to connect your application with the REST API web services of any custom application.	Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection. Add query parameters—Add the query parameters if the RESTful service requires custom query parameters to control what data is returned.
   Remedy (Without RSSO)	Allows you to connect your application with the REST API web services of Remedy application without BMC Helix Single Sign-On.	Login—Enter the user ID of a Remedy user. Password—Enter the password of a Remedy user. (Optional) Add HTTP headers—Add the headers and the values if the RESFful service requires custom headers to establish a connection.
   OAuth token exchange	Allows you to use the cross-launch functionality to enable a single sign-on experience between applications that do not share the same BMC Helix Single Sign-On server and are deployed in different domains. The target application in this case is integrated with a BMC Helix Single Sign-On server, and the source application either can be a part of some third-party solution or can be integrated with another BMC Helix Single Sign-On server.	Login—Enter the user ID of a Remedy user. Access token URL—Enter the resource of the URL from which access tokens are generated for the REST service. Client ID—Enter the client identifier issued to the client by the Remedy SSO server during the OAuth client registration process. Client Secret—Enter the client secret of the Remedy SSO server issued to the client by the Remedy SSO server during the OAuth client registration process.  Resources—Comma-separated list of valid URLs to which the client is requesting access.  OAuth token exchange server endpoint—Select one of the following options: Default—If the Remedy SSO server is the same as the Hostname provided on the General tab. Custom—If the Remedy SSO server is different than the one specified as the Hostname provided on the General tab, enter the RSSO server endpoint in the following format: https:/servername:port (Optional) Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection.

9. Click Save. 

Where to go from here

Configuring web requests in a business process