Get in touch: info@samuelfair.com

Creating a user registry – Digital Transformation with IBM API Connect

You can create a new user registry by logging in to the API Manager and navigating to Home | Manage resources | User registries | Create. You will be presented with the screen shown in Figure 7.3:

Figure 7.3 – Selecting a new user registry type

As shown in Figure 7.3, there are four types of user registries. Local user registry (LUR) is the first user registry created when you install APIC. The LUR type is used to provide simple registries for Catalogs. Each catalog (sometimes called an environment) has its own LUR that contains the authorized users for that catalog. Refer to Figure 7.2 for the default LUR created for the Sandbox catalog.

LUR is the most basic type of user registry provided by APIC. From Figure 7.3, you can appreciate the range of user registry types that are supported by APIC.

Next, you will learn to provide some of the common user registry types, starting with an Authentication URL user registry.

Configuring an Authentication URL user registry

There are instances when a user’s credentials are stored outside of an LDAP system, for example, in a user table in a database, a CRM or third-party authentication system, or a simple file-based repository. A simple REST authentication endpoint can be made available that can authenticate a user against such repositories. From APIC’s perspective, the HTTP response code from such an authentication endpoint decides whether a user’s authentication is successful (HTTP response code 200) or a failure (HTTP response code <> 200). APIC supports a user registry type called an Authentication URL user registry to utilize such an authentication endpoint.

You will now learn to build an Authentication URL user registry that will use a mock authentication endpoint, http://httpbin.org/basic-auth/user/pass. Here is how it goes:

  1. Navigate to the Home | Manage resources | User registries page. Click Create and then choose the Authentication URL user registry tile (refer to Figure 7.3). Enter the information shown in the following Table 7.1:

Table 7.1 – Creating a new Authentication URL user registry

Your screen should look like the left-hand section 1 of Figure 7.4:

Figure 7.4 – Authentication URL user registry configuration

2. Click Save and you are ready to use it. You will certainly appreciate the ease of creating a user registry. You will be able to see your newly created Authentication URL user registry as HttpBin user registry in the list of User registries. Refer to section 2 of Figure 7.4.

3. The last step is to make the HttpBin user registry available to the Sandbox catalog. Click on the Home screen | Manage catalogs tile | Sandbox tile | Catalog settings tab | API user registries section | Edit button. In the Edit API user registries view, click the checkbox for HttpBin user registry and then click Save. Refer to section 3 in Figure 7.4.

This completes the creation of an Authentication URL user registry and making it available to the APIs deployed on the Sandbox catalog.

Another scenario you will often encounter is to interface with an LDAP system for authentication purposes. You will next see the method of configuring an LDAP user registry to perform such an authentication.

Leave a Reply

Your email address will not be published. Required fields are marked *