How to Implement Bearer Authentication with InterSystems IRIS REST API?

Question

Question

Evgeny Shvarov · Nov 10, 2021

#Authentication #REST API #InterSystems IRIS

Hi folks!

Could you please share your experience on how do you create REST API with InterSystems IRIS that uses bearer authentication?

How do you generate tokens? How do you maintain it (how much time tokens exist?).

Thanks in advance!

Product version: IRIS 2021.1

Discussion (4)4

Log in or sign up to continue

Dmitry Maslennikov · Nov 10, 2021

Look at my Realworld project realization. There I have a separate table for users, and Bearer token creation and validation, expiration time set in parameter. And API, checks it for any request required authorization.

1 0

score 0 · Answer 1 · 2021-11-11T15:51:44-05:00

Evgeny Shvarov Nov 11, 2021 to Dmitry Maslennikov

Thanks, Dmitry! This is what I was looking for

0 0

score 1 · Answer 2 · 2021-11-10T07:13:37-05:00

All this kind of stuff is built into both QEWD's REST services and mgweb-server with appropriate APIs for all the JWT/Bearer Token life-cycle. Find both on my Github repos:

https://github.com/robtweed/qewd

https://github.com/robtweed/mgweb-server

See the REST/IRIS examples based on the RealWorld/Conduit application which use JWT-based authentication carried as bearer tokens:

https://github.com/robtweed/mgweb-conduit

https://github.com/robtweed/qewd-conduit

score 0 · Answer 3 · 2021-11-11T15:49:07-05:00

Evgeny Shvarov Nov 11, 2021 to Rob Tweed

Thanks, Rob! Don't see though the example of how to make a Bearer token authorisation with InterSystems IRIS

0 0