I have an app that authenticates users using LDAP (Active Directory). We also use LDAP for Confluence authentication.
I'm using the REST API to integrate Confluence with our app and I'd like the API requests to be executed in the user's context. This would enforce that a user only does what he/she's allowed to do as well as make sure that new post created/updated with the API carry the user's "stamp".
It seems like the older API had a way of issuing request with token instead of basic auth (username/password) but I can't seem to find the correct way to do this now.
Is it at all possible? Would anyone have a suggestion for a different way to accomplish what I'm trying to?
One thing important to me is not to hold onto the user's password. I would pass is authentication credentials on login, directly to Confluence's API, without having to "save" it somehow to be used later on.
PS: Running Confluence 6.3.1
Alternatively, in your application, you may try to login your users by sending user credentials to Confluence login page, and parsing response. You need to save "seraph.confluence" and "JSESSIONID" cookie values from response, and use them in you REST calls (just add them to cookies header of your requests). That may do the trick, but may not work in all cases.
Hope that helps.
- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events