Foxpro / ForgeRock Identity Cloud Collection / Step 2b: Authenticate as ID Cloud Admin using MFA Skip Callback, Get Session Token and Cookie Name
Back to Collection Items
LOCAL loHttp
LOCAL lnSuccess
LOCAL loJson
LOCAL loResp
LOCAL loSbResponseBody
LOCAL loJResp
LOCAL lnRespStatusCode
LOCAL lcTokenId
LOCAL lcSuccessUrl
LOCAL lcRealm
* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.
loHttp = CreateObject('Chilkat_9_5_0.Http')
* Use this online tool to generate code from sample JSON: Generate Code to Create JSON
* The following JSON is sent in the request body.
* {
* "authId": "{{authId}}",
* "callbacks": [
* {
* "type": "TextOutputCallback",
* "output": [
* {
* "name": "message",
* "value": "Skip"
* },
* {
* "name": "messageType",
* "value": "0"
* }
* ]
* },
* {
* "type": "ConfirmationCallback",
* "output": [
* {
* "name": "prompt",
* "value": ""
* },
* {
* "name": "messageType",
* "value": 0
* },
* {
* "name": "options",
* "value": [
* "Set up"
* ]
* },
* {
* "name": "optionType",
* "value": -1
* },
* {
* "name": "defaultOption",
* "value": 0
* }
* ],
* "input": [
* {
* "name": "IDToken2",
* "value": 0
* }
* ]
* },
* {
* "type": "HiddenValueCallback",
* "output": [
* {
* "name": "value",
* "value": "false"
* },
* {
* "name": "id",
* "value": "Skip"
* }
* ],
* "input": [
* {
* "name": "IDToken3",
* "value": "Skip"
* }
* ]
* }
* ]
* }
loJson = CreateObject('Chilkat_9_5_0.JsonObject')
loJson.UpdateString("authId","{{authId}}")
loJson.UpdateString("callbacks[0].type","TextOutputCallback")
loJson.UpdateString("callbacks[0].output[0].name","message")
loJson.UpdateString("callbacks[0].output[0].value","Skip")
loJson.UpdateString("callbacks[0].output[1].name","messageType")
loJson.UpdateString("callbacks[0].output[1].value","0")
loJson.UpdateString("callbacks[1].type","ConfirmationCallback")
loJson.UpdateString("callbacks[1].output[0].name","prompt")
loJson.UpdateString("callbacks[1].output[0].value","")
loJson.UpdateString("callbacks[1].output[1].name","messageType")
loJson.UpdateInt("callbacks[1].output[1].value",0)
loJson.UpdateString("callbacks[1].output[2].name","options")
loJson.UpdateString("callbacks[1].output[2].value[0]","Set up")
loJson.UpdateString("callbacks[1].output[3].name","optionType")
loJson.UpdateInt("callbacks[1].output[3].value",-1)
loJson.UpdateString("callbacks[1].output[4].name","defaultOption")
loJson.UpdateInt("callbacks[1].output[4].value",0)
loJson.UpdateString("callbacks[1].input[0].name","IDToken2")
loJson.UpdateInt("callbacks[1].input[0].value",0)
loJson.UpdateString("callbacks[2].type","HiddenValueCallback")
loJson.UpdateString("callbacks[2].output[0].name","value")
loJson.UpdateString("callbacks[2].output[0].value","false")
loJson.UpdateString("callbacks[2].output[1].name","id")
loJson.UpdateString("callbacks[2].output[1].value","Skip")
loJson.UpdateString("callbacks[2].input[0].name","IDToken3")
loJson.UpdateString("callbacks[2].input[0].value","Skip")
loHttp.SetRequestHeader("Content-Type","application/json")
loHttp.SetRequestHeader("Accept-API-Version","resource=2.1, protocol=1.0")
loResp = loHttp.PostJson3("https://<tenant-name>.forgeblocks.com/am/json/authenticate","application/json",loJson)
IF (loHttp.LastMethodSuccess = 0) THEN
? loHttp.LastErrorText
RELEASE loHttp
RELEASE loJson
CANCEL
ENDIF
loSbResponseBody = CreateObject('Chilkat_9_5_0.StringBuilder')
loResp.GetBodySb(loSbResponseBody)
loJResp = CreateObject('Chilkat_9_5_0.JsonObject')
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = 0
? "Response Body:"
? loJResp.Emit()
lnRespStatusCode = loResp.StatusCode
? "Response Status Code = " + STR(lnRespStatusCode)
IF (lnRespStatusCode >= 400) THEN
? "Response Header:"
? loResp.Header
? "Failed."
RELEASE loResp
RELEASE loHttp
RELEASE loJson
RELEASE loSbResponseBody
RELEASE loJResp
CANCEL
ENDIF
RELEASE loResp
* Sample JSON response:
* (Sample code for parsing the JSON response is shown below)
* {
* "tokenId": "N60dPV99pcqVVI.*AAJTSQACMDEAAANDVFMAAlMxAAA.*",
* "successUrl": "/openam/console",
* "realm": "/"
* }
* Sample code for parsing the JSON response...
* Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
lcTokenId = loJResp.StringOf("tokenId")
lcSuccessUrl = loJResp.StringOf("successUrl")
lcRealm = loJResp.StringOf("realm")
RELEASE loHttp
RELEASE loJson
RELEASE loSbResponseBody
RELEASE loJResp
Curl Command
curl -X POST
-H "Content-Type: application/json"
-H "Accept-API-Version: resource=2.1, protocol=1.0"
-d '{
"authId": "{{authId}}",
"callbacks": [
{
"type": "TextOutputCallback",
"output": [
{
"name": "message",
"value": "Skip"
},
{
"name": "messageType",
"value": "0"
}
]
},
{
"type": "ConfirmationCallback",
"output": [
{
"name": "prompt",
"value": ""
},
{
"name": "messageType",
"value": 0
},
{
"name": "options",
"value": [
"Set up"
]
},
{
"name": "optionType",
"value": -1
},
{
"name": "defaultOption",
"value": 0
}
],
"input": [
{
"name": "IDToken2",
"value": 0
}
]
},
{
"type": "HiddenValueCallback",
"output": [
{
"name": "value",
"value": "false"
},
{
"name": "id",
"value": "Skip"
}
],
"input": [
{
"name": "IDToken3",
"value": "Skip"
}
]
}
]
}'
https://<tenant-name>.forgeblocks.com/am/json/authenticate
Postman Collection Item JSON
{
"name": "Step 2b: Authenticate as ID Cloud Admin using MFA Skip Callback, Get Session Token and Cookie Name",
"event": [
{
"listen": "test",
"script": {
"exec": [
"const JSONResponse = JSON.parse(responseBody);",
"",
"// Did request return SSO Token?",
"if(JSONResponse.tokenId && JSONResponse.tokenId != \"\")",
"{",
" // Set `adminSSOToken` variable",
" pm.globals.set(\"adminSSOToken\", JSONResponse.tokenId);",
"",
" // Get custom cookie name",
" var customCookieName = frUtils.getSessionCookieName(pm.response.headers.all());",
" pm.collectionVariables.set(\"cookieName\", customCookieName);",
"",
" // Remove `authId` variable",
" pm.globals.unset(\"authId\");",
"",
"}",
"",
"// Tests",
"",
"pm.test(\"Status code is 200\", () => {",
" pm.expect(pm.response.code).to.eql(200);",
"});",
"",
"pm.test(\"Response contains tokenId\", function () {",
" pm.expect(JSONResponse).to.have.any.keys('tokenId');",
"});",
"",
""
],
"type": "text/javascript"
}
}
],
"protocolProfileBehavior": {
"disableCookies": true
},
"request": {
"method": "POST",
"header": [
{
"description": "Specifies that the `/json/authenticate` endpoint uses JSON format for requests.",
"key": "Content-Type",
"value": "application/json"
},
{
"description": "Specifies the version of the `/json/authenticate` endpoint to use.",
"key": "Accept-API-Version",
"value": "resource=2.1, protocol=1.0"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"authId\": \"{{authId}}\",\n \"callbacks\": [\n {\n \"type\": \"TextOutputCallback\",\n \"output\": [\n {\n \"name\": \"message\",\n \"value\": \"Skip\"\n },\n {\n \"name\": \"messageType\",\n \"value\": \"0\"\n }\n ]\n },\n {\n \"type\": \"ConfirmationCallback\",\n \"output\": [\n {\n \"name\": \"prompt\",\n \"value\": \"\"\n },\n {\n \"name\": \"messageType\",\n \"value\": 0\n },\n {\n \"name\": \"options\",\n \"value\": [\n \"Set up\"\n ]\n },\n {\n \"name\": \"optionType\",\n \"value\": -1\n },\n {\n \"name\": \"defaultOption\",\n \"value\": 0\n }\n ],\n \"input\": [\n {\n \"name\": \"IDToken2\",\n \"value\": 0\n }\n ]\n },\n {\n \"type\": \"HiddenValueCallback\",\n \"output\": [\n {\n \"name\": \"value\",\n \"value\": \"false\"\n },\n {\n \"name\": \"id\",\n \"value\": \"Skip\"\n }\n ],\n \"input\": [\n {\n \"name\": \"IDToken3\",\n \"value\": \"Skip\"\n }\n ]\n }\n ]\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{amUrl}}/json/authenticate",
"host": [
"{{amUrl}}"
],
"path": [
"json",
"authenticate"
]
},
"description": "Return the MFA skip callbacks received from the previous step. \n\nThen get the session token from the response headers. To manually provide the session token name, navigate to **Tenant Settings** in the ID Cloud console and copy the *Cookie Name* value. Use this value in the `cookieName` variable in your Postman Collection."
},
"response": [
{
"name": "Success - authentication complete",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json",
"description": "Specifies that the `/json/authenticate` endpoint uses JSON format for requests."
},
{
"key": "Accept-API-Version",
"value": "resource=2.0, protocol=1.0",
"description": "Specifies the version of the `/json/authenticate` endpoint to use."
}
],
"body": {
"mode": "raw",
"raw": "{\n \"authId\": \"{{authId}}\",\n \"callbacks\": [\n {\n \"type\": \"NameCallback\",\n \"output\": [\n {\n \"name\": \"prompt\",\n \"value\": \"User Name\"\n }\n ],\n \"input\": [\n {\n \"name\": \"IDToken1\",\n \"value\": \"{{postmanDemoUsername}}\"\n }\n ],\n \"_id\": 0\n },\n {\n \"type\": \"PasswordCallback\",\n \"output\": [\n {\n \"name\": \"prompt\",\n \"value\": \"Password\"\n }\n ],\n \"input\": [\n {\n \"name\": \"IDToken2\",\n \"value\": \"{{postmanDemoPassword}}\"\n }\n ],\n \"_id\": 1\n }\n ]\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{amUrl}}/json{{realm}}/authenticate?authIndexType=service&authIndexValue={{loginJourney}}",
"host": [
"{{amUrl}}"
],
"path": [
"json{{realm}}",
"authenticate"
],
"query": [
{
"key": "authIndexType",
"value": "service",
"description": "Allows the request to configure the service (for example, an authentication tree) to use for this request."
},
{
"key": "authIndexValue",
"value": "{{loginJourney}}",
"description": "Specifies the name of the service to use for this request.\nOverride this value using the `amAuthenticationTree` Postman variable."
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "X-Frame-Options",
"value": "SAMEORIGIN"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Cache-Control",
"value": "private"
},
{
"key": "Cache-Control",
"value": "no-cache, no-store, must-revalidate"
},
{
"key": "Set-Cookie",
"value": "iPlanetDirectoryPro=0_OKRrdKWp4qNlomyaBn3lRl23U.*AAJTSQACMDEAAlNLABxiNmZiTnVSV05IbUFNbWprV3ZndUlNdlVYNDg9AAR0eXBlAANDVFMAAlMxAAA.*; Path=/; Domain=example.com; HttpOnly"
},
{
"key": "Set-Cookie",
"value": "amlbcookie=01; Path=/; Domain=example.com; HttpOnly"
},
{
"key": "Content-API-Version",
"value": "resource=2.1"
},
{
"key": "Expires",
"value": "0"
},
{
"key": "Pragma",
"value": "no-cache"
},
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Content-Length",
"value": "167"
},
{
"key": "Date",
"value": "Wed, 12 Aug 2020 14:08:53 GMT"
}
],
"cookie": [
],
"body": "{\n \"tokenId\": \"N60dPV99pcqVVI.*AAJTSQACMDEAAANDVFMAAlMxAAA.*\",\n \"successUrl\": \"/openam/console\",\n \"realm\": \"/\"\n}"
}
]
}
