External Site Authentication

External Site Authentication


We have a requirement to give a user from our site (outsystems based) access to an external PHP site.  The PHP site requires authentication, we have the access details to said site but are unsure of how to programmatically authenticate into the PHP site from outsystems.
From the forums I found the following information:
This discussion is rather dated, is there an update on how to achieve programmatic authentication without having to create an extension?
depends on the authentication of the php site.

what kind of authentication?
is there an api?

The site uses basic http authentication.

The service provider for this site does not expose any API or token based web service login.  So we are basically left with having to post a form with the login data filled from within outsystems.
well, probably you are stuck with the httprequesthandler extension and the PostRequest_Submit action and perhaps some others


If you are using Platform 9 then you can use the REST Api's to call it.

João Rosado

Do you want to obtain information from a site to obtain information to display to the user in your OutSystems built application ? If so, the suggestion from João Rosado should loosely cover it.

If your use-case is different, for example, redirecting the user's browser to the other site and ensuring he's already logged in, this may be a little more difficult to accomplish without proper support from the other site.

Can you please elaborate a bit more on your use-case?

Best regards,
Ricardo Silva
Hi Ricardo,

Indeed our requirement is the second scenario where we need to redirect and automatically authenticate the user.  We are not interfacing with the external service provider on any data level, we just need the user to be able to access that site to view monitoring information which is gathered (but not shared) by this service provider.
The expectation is  to create a hyperlink (or button) which will open a new tabe pointing to the PHP site with authentication already handled.  We are cleints of the providers of the PHP site and thus have no control over their implementation. 
Ideally I would like to have an API from their side, but this does not seem like it will happen.

Hello Ronald,

In this case in order to provide a meaningful answer we'd need more details of the authentication mechanism used by the other site. However, like I said, without proper support for this it's likely going to be damn near impossible (due to security restrictions on the operations allowed in browsers).

But I'm not exactly experienced in these scenarios, so I'll leave more experienced people provide you with a more authorative answer.

Best regards,
Ricardo Silva