Orchestrator API (with AD)

orchestrator
api
authentication
activedirectory

#1

Hello,

@Florent_Salendres and I are having an issue calling the Orchestrator Authenticate API when Orchestrator is configured with Active Directory.

The documentation does not suggest there should be any difference in the configuration

Username
Password
TenancyName

When configured with a Non-AD account this works fine and an auth token is returned.

RD


#2

Hey Richard,

What error are you getting?
Did you try passing the domain in the request as well? Username should be exactly the same as if you’d be logging in from the website (I know you both know this, but obvious things are sometimes easy to miss).


#3

Hi Andrzej

Error we got is “An error occured” on the http response (Code 500)

Thanks for the input but unfortunately no success so far using both domain\username or domain\email from what was reported to me (i do not have myself access to the environment).

The thing is that when your Orchestrator is installed with domain authentication, you do not need to go to the login page.

From what i remember it was tested to pass also null/empty password

Looking on network traffic while visiting the website and reading json metadata, we can see that username, tenant are fine.

We checked that their roles are sufficient to do so

Can anyone confirm having success authenticating with AD account?
@Ovi ?

Issue is currently encountered on 2017.1

Thank you in advance


#4

Hello,

You could direct call the needed API (without any previous authentication step) if you are logged in on the machine with the AD user (and the user is imported in orchestrator, has permissions, etc). This solution works by default only with HTTTP request activity from Studio. For other third party tolls, some previous configuration must be done.
Also, it should work also with token, but maybe you should try domain\username instead of domain\username
Try and let me know if any solution worked for you.
Thanks,
Cosmin


#5

I got the feedback that worked out without calling authenticate using HTTP request Activity
I will inform you if I get update on getting token using different input for the user name

Thanks for your help


#6

Hi all,

I have the same issue.
Not able to authenticate when using AD Windows login. I tried logging first into Orchestrator and after executing the request for getting Assets from Studio, and the response is “You are not authenticated”.

Any other alternative way?