0

Hello everyone, I have a Mendix application that is successfully configured for SSO with SAML 2.0 (Siemens SSO). The SSO login works fine at the "Production" security level in the Mendix Cloud. The REST service published by the app works correctly in localhost testing with the security level set to "Off". However, in the cloud with the security level set to "Production", I receive a HTTP 401 "not authorized" response for external REST API access from the app. My questions are: Which authentication method for external REST API access is checked by Mendix by default when the security level is set to "Production" (with SAML2.0 SSO login)? What secrets/credentials are needed for this? For example, is a special token (personal or functional access token) required for the external REST request by default, and if so, how / from where must I obtain it with an app using Siemens SSO login? In the app's REST module, for example, in the microflows for the published REST services, do I need to make any additional adjustments for this authentication, or is the full authentication check already performed by Mendix internal REST mechanisms before the REST microflow starts?  The app was developed with the current MX Studio Pro 10.12.0. Thank you in advance for your support! Best regards, Hape

asked 2024-07-31

0 answers