Configuring the authentication credentials of REST API web services

Before you begin

• Make sure that you have the authentication credentials of the REST API web service that you want your application to connect to. 
• Make sure that you have created the RESTful web service request definition. For more information, see Creating-a-REST-API-web-service-request-definition. 
  For example, if you want to provide the authentication credentials of JIRA REST service, you must create the JIRA web service request definition.  
• If you want to use single sign-on, make sure that the OAuth client is registered in BMC Helix Single Sign-On (RSSO). When registering OAuth 2.0, make sure that you copy the Client ID and Client secret. To see the steps to register a client, see Configuring OAuth 2.0 in BMC Helix Single Sign-Ononline documentation.

To configure the authentication credentials

1. Log in to BMC Helix Innovation Studio and navigate to the Administration tab. 
2. Select Integrations> Web APIs > Web API connections. 
3. On the Web API Connection page, click New.
4. On the General tab, in the Name field, type a meaningful name for the REST API web service connection, such as JIRA connection.
5. In Host name, provide the host name from which the connection is established, such as jira.com.
6. Fill out the Port and the Protocol fields.
7. In Authentication, select one of the supported types: Basic Auth, OAuth  2.0, RSSO, Custom, Remedy, or OAuth token exchange.

8. To add the authentication credentials, click Next. 
   The following image is an example of configuring authentication credentials for JIRA REST API:
   
   The following table lists the authentication types and the field values that you should specify based on the authentication that you select:

   Authentication	Description	Field values
   Basic Auth	Enable a basic authentication method and provide a username and password when making a request.	Login—Enter basic authorization user name of the REST API web service. Password—Enter the password of the basic authorization protocol. (Optional) HTTP headers—Add the headers and the values if the REST API web service requires custom headers to establish a connection.
   OAuth 2.0	Include applications that act as OAuth clients and interact with applications protected by BMC Helix Single Sign-On, and have applications hosted on different top-level domains which are integrated with the same BMC Helix Single Sign-On server.	Grant type—Select client_credentials as the grant type. Access token URL—Enter the resource of the URL from which access tokens are generated for the REST service. For example; If the URL is http://api.jira.com/oauth2/token, in the Access Token URL field, type /oauth2/token. Client ID—Enter the client ID of the REST API service. Client secret—Enter the client secret of the REST API service. Client credentials transfer mechanism—Select one of the following options: Authorization request header—To provide credentials that authenticate a user with a server, allowing access to a protected resource. Form parameters—To add the form parameters if the RESTful service requires custom form parameters to control what data is returned. Redirect URI—Add the URI to which the authorization code is sent after an /authorize request is successful. The client-side must support the URI. For more information, see Configuring OAuth 2.0. (Optional) Scope—Specify the restricted scope of access for these credentials. (Optional) Authorization server endpoint—Specify the server name. (Optional) Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection. (Optional) Add form parameters—Add the form parameters and the values if the RESTful service requires custom parameters to establish a connection.
   RSSO	Connect your application with the REST API web of another application with BMC Helix Single Sign-On in a codeless way.	Login—Enter the BMC Helix Single Sign-Onuser name. Access token URL—Enter the resource of the URL from which access tokens are generated for the REST service. For example; If the URL is http://api.servername.com/rsso/oauth2/token, in the Access Token URL field, type /rsso/oauth2/token. In Client ID and Client secret, enter the details that you obtained when registering the OAuth client. (Optional) RSSO server endpoint—Select one of the following options: Default—If the BMC Helix Single Sign-Onserver is the same as the Hostname provided on the General tab. Custom—If the BMC Helix Single Sign-Onserver is different than the one specified as the Hostname provided on the General tab, enter the RSSO server endpoint in the following format: https:/servername:port (Optional) Add HTTP headers—Add the headers and the values if the RESFful service requires custom headers to establish a connection.
   Custom	Connect your application with the REST API web services of any custom application.	Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection. Add query parameters—Add the query parameters if the RESTful service requires custom query parameters to control what data is returned.
   Remedy (Without RSSO)	Connect your application with the REST API web services of application without BMC Helix Single Sign-On.	Login—Enter the user ID of a user. Password—Enter the password of a user. (Optional) Add HTTP headers—Add the headers and the values if the RESFful service requires custom headers to establish a connection.
   OAuth token exchange	Use the cross-launch functionality to enable a single sign-on experience between applications that do not share the same BMC Helix Single Sign-On server and are deployed in different domains. The target application in this case is integrated with a BMC Helix Single Sign-On server, and the source application either can be a part of some third-party solution or can be integrated with another BMC Helix Single Sign-On server.	Login—Enter the user ID of an user. Access token URL—Enter the resource of the URL from which access tokens are generated for the REST service. Client ID—Enter the client identifier issued to the client by the BMC Helix Single Sign-On server during the OAuth client registration process. Client Secret—Enter the client secret of the BMC Helix Single Sign-OnSSO server issued to the client by the BMC Helix Single Sign-OnSSO server during the OAuth client registration process.  Resources—Comma-separated list of valid URLs to which the client is requesting access.  OAuth token exchange server endpoint—Select one of the following options: Default—If the BMC Helix Single Sign-On server is the same as the Hostname provided on the General tab. Custom—If the BMC Helix Single Sign-Onserver is different than the one specified as the Hostname provided on the General tab, enter the BMC Helix Single Sign-Onserver endpoint in the following format: https:/servername:port (Optional) Add HTTP headers—Add the headers and the values if the RESTful service requires custom headers to establish a connection.

9. Click Save. 

Where to go from here

To configure web requests in a business process, see Configuring-web-requests-in-a-business-process.