Login with REST API (WEB)

Login with REST API (WEB)

  

i want to ask how to make login (web) with REST API, i already ask my friend, she says "i don't know, i think little different login mobile and web, in web we must can take GetUserId but in REST API no GetUserId, I recommended to make local database for store my REST API".

anyone give me solution ? or any other way ?

Hi Zainal,

Can you explain why you want to make a login using a REST API? What is your use case, and what do you want to achieve with it? Where do you want to be logged in? Etc.

Kilian Hekhuis wrote:

Hi Zainal,

Can you explain why you want to make a login using a REST API? What is your use case, and what do you want to achieve with it? Where do you want to be logged in? Etc.


Hi Kilian

i using REST API because the demand for the company. i want after login go in list sales page. i've tried to make login with replace database to my REST API but always "invalid username and password" when it is correct

Hi,


What gives the invalid username/password?

the server that exposes the REST-webservice you consume?

Even then, if you are logging in with a REST-websevice, you should get some information back like a SWT-token, SAML-token, heck even a username would be great, so you can map it to the outsystems-user.

otherwise you never can login into outsystems.

unless you make everything anonymous of course, but that beats the whole login-mechanism.



J. wrote:

Hi,


What gives the invalid username/password?

the server that exposes the REST-webservice you consume?

Even then, if you are logging in with a REST-websevice, you should get some information back like a SWT-token, SAML-token, heck even a username would be great, so you can map it to the outsystems-user.

otherwise you never can login into outsystems.

unless you make everything anonymous of course, but that beats the whole login-mechanism.




Hi,

maybe because i can't get GetUserId.

i little understand with your explain, i am wondering why in mobile outsystem no like that. to be honest i don't know what that REST-webservice, SWT-token and SAML-token. because my basic is frontend. but thanks for your explain. 


Hi Zainal,

I think you're pretty much over your head here. You are asked to make something that you know nothing about, which makes it very hard to make something that works without flaws.

Logging in means verifying that a user is who he says he is (by checking the username and password), and supplying the application with the priviliges ("Roles" in OutSystems parlance) the user has. In OutSystems, you can use the Users eSpace to manage users, assign them Roles (or group them into Groups, and assign Roles to a group). Roles are defined in Service Studio, and are used in Service Studio to limit access to screens, and limit access to functionality (like an "Edit" or "Delete" functionality, where all users would have "View" functionality).

You are asking to log in via a REST API. That means that you'll send the username and password that the user typed in to another server via REST, and that server will check the username and password and tell you whether they are valid. But you are still not logged into OutSystems. So you don't know who the user is, and you don't know what priviliges the user has. There are several ways to overcome this issue, but these is all pretty advanced theritory, and I wouldn't go there unless you are an advanced developer - something which you clearly are not.

Kilian Hekhuis wrote:

Hi Zainal,

I think you're pretty much over your head here. You are asked to make something that you know nothing about, which makes it very hard to make something that works without flaws.

Logging in means verifying that a user is who he says he is (by checking the username and password), and supplying the application with the priviliges ("Roles" in OutSystems parlance) the user has. In OutSystems, you can use the Users eSpace to manage users, assign them Roles (or group them into Groups, and assign Roles to a group). Roles are defined in Service Studio, and are used in Service Studio to limit access to screens, and limit access to functionality (like an "Edit" or "Delete" functionality, where all users would have "View" functionality).

You are asking to log in via a REST API. That means that you'll send the username and password that the user typed in to another server via REST, and that server will check the username and password and tell you whether they are valid. But you are still not logged into OutSystems. So you don't know who the user is, and you don't know what priviliges the user has. There are several ways to overcome this issue, but these is all pretty advanced theritory, and I wouldn't go there unless you are an advanced developer - something which you clearly are not.


Hi Kiliian,

i interesting with your explain and i understand. so do you think i must use local database outsystems ? and i little understand with "Role".

Hi Zainal,

"Roles" are an important part of the OutSystems security model. You can read all about them here. Also, they are handled in the web app training (see here), chapter "Security and Session Handling". Did you follow the training at all? If not, I would strongly urge you to do so, in order to get a better understanding of things.

Kilian Hekhuis wrote:

Hi Zainal,

"Roles" are an important part of the OutSystems security model. You can read all about them here. Also, they are handled in the web app training (see here), chapter "Security and Session Handling". Did you follow the training at all? If not, I would strongly urge you to do so, in order to get a better understanding of things.


Thanks Kilian,

yes i not follow the training at all, maybe i should have learned a lot.

Hi Zainal,

I cannot stress enough that doing the training is really, really important. It will save you many questions (and the others many frustrations :)). You can't expect to understand a new platform like OutSystems without at least some training, even though it's by far the easiest platform to get accustomed to.