1. | Click Connectivity studio Integration Design. |
2. | Click Projects. |
3. | Click Edit. |
4. | Expand the Web service application section. |
5. | Click New. |
6. | You can set up a separate web service application for each of your environment types. You can use this to prevent messing up your production data. For example, with separate web service applications, you can strictly distinguish between your testing environment and production environment. The applicable environment type is defined in the Environment type field on the Connectivity studio parameters. For example, if set to Development, the web service application for environment type Development is applicable. |
  | In the Environment types field, select an option. |
7. | Enter the base URL to the outbound web service application. For each applicable web service action, the URL is extended with the resource. You can also use attributes to add extra information to the web service URL. |
  | In the Base URL field, type a value. |
8. | The default authentication type is None. Only choose None, if no (pre-defined) authentication is required to access the external web service. This is used, for example, if the authentication is included in the header of the HTTP request. |
  | In the Authentication field, select 'None'. |
9. | Sub-task: Use Windows authentication. |
9.1 | You can use a Windows user to access the external web service. For the Windows authentication, fill in these fields: - Domain - User name - Password |
  | In the Authentication field, select 'Windows'. |
9.2 | Fill in the Windows domain to which the user belongs. |
  | In the Domain name field, type a value. |
9.3 | Enter the password or password reference of the Windows user. Whether the password or password reference applies is defined by the Display secret field in the Connectivity studio parameters. If the Display secret parameter is set to: - Secret, fill in the Password field with the Windows password of the user. The password is specific for the current connector. - Secret reference, fill in the Password reference field with the desired secret reference. The password reference refers to a centrally stored Windows password which makes updating secrets easier. - Both, fill in either the Password field or the Password reference field. |
  | In the Password field, or in the Password reference field, type a value. |
9.4 | Fill in the Windows user ID of the user. |
  | In the User name field, type a value. |
10. | Sub-task: Use Basic authentication. |
10.1 | You can use basic authentication to access the external web service. For the Basic authentication, fill in these fields: - User name - Password Make sure, the user name and password are also defined in the web service application. |
  | In the Authentication field, select 'Basic'. |
10.2 | Enter the password or password reference to be used for the web service authentication. Whether the password or password reference applies is defined by the Display secret field in the Connectivity studio parameters. If the Display secret parameter is set to: - Secret, fill in the Password field with the web service application password. The password is specific for the current connector. - Secret reference, fill in the Password reference field with the desired secret reference. The password reference refers to a centrally stored web service application password which makes updating secrets easier. - Both, fill in either the Password field or the Password reference field. |
  | In the Password field, or in the Password reference field, type a value. |
10.3 | Fill in the user ID to be used for web service authentication. |
  | In the User name field, type a value. |
11. | Sub-task: Use OAuth2 authentication. |
11.1 | You can use OAuth2 authentication to access the external web service. To access the web service applications that are defined for the current project, the authentication for the web service endpoint is managed by an OAuth2 server. |
  | In the Authentication field, select 'OAuth2'. |
11.2 | Define how OAuth2 authentication is done. You can choose one of these non-interactive options: - Password (Resource owner grant flow): Use this flow to authenticate users based on user name and password. Fill in these fields: User name, Password or Password reference, Client ID, Resource, Token authorization endpoint. Optionally, fill in these fields: Redirect URI, Scope. - Client credentials (Client credentials flow): Use this flow to authenticate users with a secret instead of a user name and password. Fill in these fields: Client ID, Client secret or Client secret reference, Resource, Token authorization endpoint. Optionally, fill in these fields: Redirect URI, Scope. |
  | In the Grant type field, select an option. |
11.3 | Fill in the user ID to be used for web service authentication. |
  | In the User name field, type a value. |
  |
Note: Only fill in the user name if the grant type is 'Password'. |
11.4 | If the grant type is 'Password', enter the password or password reference for the OAuth2 authentication (Resource owner grant flow). Whether the password or password reference applies is defined by the Display secret field in the Connectivity studio parameters. If the Display secret parameter is set to: - Secret, fill in the Password field with the desired password. The password is specific for the current connector. - Secret reference, fill in the Password reference field with the desired secret reference. The password reference refers to a centrally stored password which makes updating secrets easier. - Both, fill in either the Password field or the Password reference field. |
  | In the Password field, or in the Password reference field, type a value. |
  |
Note: Only fill in the password if the grant type is 'Password'. |
11.5 | For both grant types, fill in the client ID. The provider of the web service that is secured with OAuth2, can provide you with the required client ID. If you use a registered application in Microsoft Entra ID, use the client ID of this application. |
  | In the Client ID field, type a value. |
  |
Note: If the external web service is a cloud service of Microsoft, Microsoft Entra ID is the identity provider. Therefore, register an Microsoft Entra ID application. For the registered application, grant permissions to the external web service. |
11.6 | If the grant type is 'Client credentials', enter the client secret or client secret reference for the OAuth2 authentication (Client credentials flow). Whether the client secret or client secret reference applies is defined by the Display secret field in the Connectivity studio parameters. If the Display secret parameter is set to: - Secret, fill in the Client secret field with the desired client secret. The client secret is specific for the current connector. - Secret reference, fill in the Client secret reference field with the desired secret reference. The client secret reference refers to a centrally stored client secret which makes updating secrets easier. - Both, fill in either the Client secret field or the Client secret reference field. |
  | In the Client secret field or in the Client secret reference field, type a value |
  |
Note: Use the client secret that belongs to the used client ID. The provider of the web service, that is secured with OAuth2, can provide you with the required client secret. If you use a registered application in Microsoft Entra ID, use the client secret of this application. |
11.7 | For both grant types, fill in the resource. The resource is the actual endpoint. Usually, this is the same as the base URL of the web service application. |
  | In the Resource field, type a value. |
11.8 | For both grant types, you can fill in the scope. Only fill in the scope if the OAuth2 provider requires to detail the scope of access. |
  | In the Scope field, type a value. |
11.9 | For both grant types, fill in the token authorization endpoint. This is the endpoint of the OAuth2 server. If you connect to a Microsoft service, you can use this URL: https://login.microsoftonline.com/[your-tenant]/oauth2/token (replace '[your-tenant]' with the actual tenant). |
  | In the Token authorization endpoint field, type a value. |
11.10 | For both grant types, you can fill in the redirect URL. Usually, a redirect URL is not required. If required, fill in the redirect URL as provided by the OAuth2 service provider. |
  | In the Redirect URI field, type a value. |
12. | Sub-task: Use basic authentication with any authentication server. |
12.1 | You can use any authentication server to access the external web service. To access the web service applications that are defined for the current project, the authentication for the web service endpoint is managed by an authentication server of your choice. User authentication is done based on user name and password. |
  | In the Authentication field, select 'Basic authentication JWT'. |
12.2 | Click Save. |
12.3 | Fill in the user ID to be used for web service authentication. |
  | In the User name field, type a value. |
12.4 | Enter the password or password reference to be used for the web service authentication. Whether the password or password reference applies is defined by the Display secret field in the Connectivity studio parameters. If the Display secret parameter is set to: - Secret, fill in the Password field with the desired password. The password is specific for the current connector. - Secret reference, fill in the Password reference field with the desired secret reference. The password reference refers to a centrally password which makes updating secrets easier. - Both, fill in either the Password field or the Password reference field. |
  | In the Password field, or in the Password reference field, type a value. |
12.5 | Fill in the token authorization endpoint URL. This is the endpoint of the authentication server. When a web service request is sent to an external web service, first an authentication request is sent to the authentication server, using this URL. If the user name and password are valid, the authentication server returns a bearer token. With this token the web service request can be received by the external web service. |
  | In the Token authorization endpoint field, type a value. |
12.6 | Usually, a bearer token is valid only for a limited period. For example, the token is only valid for 24 hours. When the period is over, the token expires. Each web service request that is sent within this time period, uses the token. So, no new token request is sent to the authentication server. If the token has expired, and a web service request is sent, a new authentication request is sent to the authentication server. |
  | In the Expires within field, enter the number of hours after which the bearer token expires. |
13. | Close the page. |
Related to | Notes |
---|---|
Define project |
  |
Set up outbound web services |
  |