Web API is failing on SAML enabled environment

RE: Web API is failing on SAML enabled environment

priyankag0001 — Fri, 23 Aug 2019 05:49:15 GMT

Thanks Peter. It's worked. I had not added service account into the security group of datastore.

RE: Web API is failing on SAML enabled environment

Peter Lewis — Wed, 21 Aug 2019 12:30:14 GMT

What error are you getting?

Some things to check:

Is the user in the Service Accounts group? You won't be able to use an API key unless they belong to this group
Make sure the user isn't in the SAML group. This use shouldn't authenticate using SSO.
How are you adding the API Key to your request? It should be like this:
- Header: "Appian-API-Key"
- Value: [API Key]
What is the Web API accessing (e.g. write to data store, start process, etc.) Does the user account also have access to the associated design objects? The account will need at least viewer privileges to read / write from a data store and initiator privileges to start a process.

RE: Web API is failing on SAML enabled environment

priyankag0001 — Wed, 21 Aug 2019 05:25:11 GMT

Hi guys,

Thanks for your response, but it's not working with API Key, I have created service account and given viewers right to web API.

and currently my requirement is to call this API from another Appian environment only not from any other system.

RE: Web API is failing on SAML enabled environment

Peter Lewis — Mon, 19 Aug 2019 14:58:45 GMT

I should have kept reading in the docs :) I stand corrected, it doesn't look like you can use session-based authentication for external systems. As mentioned by the commenter below, here's the relevant part in the docs: If you wish to invoke an Appian Web API from another system, you must use either API key or basic authentication.

So it looks to me like your best bet is to use an API key, that way you don't have to pass credentials or worry about what the basic authentication credentials are for that user.

RE: Web API is failing on SAML enabled environment

juergeng393 — Mon, 19 Aug 2019 14:20:19 GMT

Hi priyankag0001,

Calling a web api there are the following methods of authentication possible:

There are three ways to authenticate users when calling a web API:

If you wish to invoke an Appian Web API from another system, you must use either API key or basic authentication

This is an excerpt of the documentation, can be found here: https://docs.appian.com/suite/help/19.2/Web_API_Authentication.html

Hope that helps.

RE: Web API is failing on SAML enabled environment

Peter Lewis — Fri, 16 Aug 2019 13:40:15 GMT

Can you describe your use case for this? Why would you need to use an integration call from one environment to call a Web API in another Appian environment? If your plan is that your Web API will be called by a system external to Appian, it is better to test using that system and not from one Appian environment to another.

That being said, if you do plan on using an external system, I'd suggest these 2 ways you can authenticate:

1) Use session based authentication: https://docs.appian.com/suite/help/latest/Web_API_Authentication.html#session-based-authentication. If your session is already established, you shouldn't need to provide credentials.

2) Use an API key and service account: https://docs.appian.com/suite/help/latest/Web_API_Authentication.html#api-key-authentication