I am in need of some assistance or guidance. I am trying to integrate with CA Single Sign-On (Siteminder) in terms of just making REST API calls to the SSO API endpoints. I am trying to work within the API Gateway to do all of this and make testing/template policies for future use cases.
I want to build out a policy that allows me to make multiple calls/requests in a single API. How would that be done??
If I am trying to hit a testing SSO endpoint - it requires me to have a JWT or Bearer Token. I can hit the endpoint URL directly or even if I set a Routing assertion with that endpoint inside my Gateway/policy. I do most of my testing on Postman. The result should show me all the say if I set the URI to list all the SmDomains on our testing Policy Server.
I just was asking in terms of does anyone know of a "basic and easy" way to where I make a REST call and receive the sessionkey/token and use that token to make another call to that same endpoint URL but with different URI/parameter??
What I have so far in my testing policy is:
- Audit Message in Policy
- At least one ...
- All must be ...
- Require HTTP Basic Credentials
- Route via HTTPS ... (to the REST API to pull a token)
(^^ this works in giving me a token -
1. Here if I go to Postman with the URL: POST https://<gateway:port>/ca/api/sso/services/login/v1/token (withe SSO login credentials) from -- Administrative Token API - CA Single Sign-On - 12.8 - CA Technologies Documentation
2. I should get in the Response section get a session key.
3. For instance, from the list of SSO REST APIs -- Policy Data API - Core Policy Objects - CA Single Sign-On - 12.8 - CA Technologies Documentation -- if I copied that same key/token I just generated and made another request:
I set the Authorization header as Bearer Token and pasted the token -- ran the request and it displays the information I need; I am just trying to replicate this process in my Gateway as a single request instead of separate, individual requests, etc.)
I have tried followed the instructions from this link I'm trying to request a token in the first call and pass it to second call. but I do not know how to setup the "Evaluate JSON Path Expression Assertion with the response from the first call as input" in step 1. I have also tried step B in changing the header value within the Routing properties but I am not sure if that should be done on the first Routing assertion or make another Routing assertion with those configurations?
If anyone can assist me on this process, it would be greatly appreciated!