We are trying to get the token out of the Client API in the Connected System from the Component. We need the username or any user details to generate the token for those requesting the token from the Component. We can send the logged-in user information in the payload of the request, but due to security concerns, we shouldn't pass any user details in the request.
Is there any way that we can get the requester details from the Connected System?
We tried getting a username from ProxyConfigurationData(Java object) got from ExecutionContex(Java object). It returns a null value if a proxy is not configured.
We didn't get any user details from the SimpleClientApiRequest object.
Please let us know if there is any other way or workaround to get the requester details from Connected System. Also is there any possibility that we can get requester details in servlet?
Thanks,
Santhosh Kumar A
Discussion posts and replies are publicly visible
Is there any reason you do not pass in the user as a value in the integration?
Yes, our customers are very concerned about the user details sent in the integration. Anyone in the Client system can see the user details in the developer tools of the browser.
Please help me, I do not understand this. An integration in Appian and the data exchanged is not visible in any browser. Can you elaborate on your use case?
Hi Stefan,
We are using Client API in Connected System to run a server action from the Custom Sail Component. Server Action requires which Appian user is using Custom Sail Component to raise the request to Client API.Currently, we are passing the LoggedInUser information as payload in the request(from browser) to Client API. Since we can see all the request information in the developer tool of the browser, we would like to get the request user details from the Client API(Java program) in the Connected System.
Doing an API call directly from the UI component is a bad practice. Check this: docs.appian.com/.../component-design.html
Yeah, as you said we are invoking the Client API method. But still, we can get the payload of request from the developer tools.
I am confused. Did you try to reach out to Appian?
We tried reaching out and also looking for help from the community.