Authentication Methods in Applications Manager

Authentication Methods in Applications Manager

Authentication involves validating an incoming user to facilitate the access to a specific resource. There are various authentication methods that you can use - based on the requirements and usage. In recent times, numerous organizations are increasingly leveraging the capabilities of token based authentication as compared to basic authentication as it aids in enhancing user experience and also comes with several advantages.
 
Token Based Authentication
 
Token based authentication involves the use of a token (sometimes known as an access token) - an alphanumeric key that is used to identify a particular user. It is stateless, more secure and is an effective, hassle-free method of authentication.
 
Applications Manager leverages the capabilities of token based authentication to facilitate data collection for some monitors from secure end point URLs. Applications Manager provides two token based authentication method options :
 
OAuth:

Open Authorization (OAuth) is an open standard framework that gives applications the power to authenticate the access to a resource in a secure, specific way without actually sharing the primary log on credential details. It acts as a third party user agent that delegates the authorization process.
 
With Applications Manager, you can configure an OAuth Provider which generates an Access Token that can be used to authenticate an API endpoint secured by OAuth 2.0 in the desired monitor. This token which is stored in Applications Manager is then used to access the URLs from which data is collected for the monitor.

You can configure an OAuth provider by navigating to Admin -> Discovery & Data Collection -> OAuth Provider -> Add OAuth Provider.
 


Monitors that support OAuth Authentication:
  1. REST API Monitor
  2. REST API Action
  3. Google Cloud Platform Monitor
  4. ServiceDeskPlus Cloud
  5. Site24x7 Integration
  6. Mail Server
  7. Microsoft Azure Monitor
If you want to know more about configuring an OAuth Provider in Applications Manager, refer to this link.
 
Web Tokens:
 
Web tokens enable two parties to transfer information securely. It is a simple request to an end point URL based on the token response path. Applications Manager enables you to configure web tokens globally which can be used by the monitors for data collection.
 
Applications Manager supports 4 possible formats of Token Response path which can be used for the REST API monitor:
  1. JSON
  2. XML
  3. Header
  4. Text
You can create a Web Token by navigating to Admin -> Discovery & Data Collection -> Web Token -> Add new Web Token.
 
To know more about creating a Web Token in Applications Manager, refer to this link.
 
Common questions on token based authentication:
 
Why should I choose Applications Manager's token based authentication methods while adding monitors?
 
Tokens are stateless, and enable a more secure way of authentication. This is one way to ensure that passwords are be decoded and catastrophic incidents can be avoided.