Invoking an Identity Service

You can use the following methods for an identity service.

Login with provider type as Basic

 // Sample code to authenticate to Quantum Fabric Client

var authClient = null;
var providerName = < your - provider - name > ;
var username = < uername - for -your - provider > ;
var password = < password - for -your - provider > ;
try {
    authClient = client.getIdentityService(providerName);
} catch (exception) {
    console.log("Exception" + exception.message);
}
authClient.login({
    "userid": username,
    "password": password
}, function(response) {
    console.log("Login success" + JSON.stringify(response));
}, function(error) {
    console.log("Login failure" + JSON.stringify(error));
});

NOTE: The client is the kony.sdk(); object.

IMPORTANT: When you select Quantum User Repository as the identity type, the system does not allow you to provide an identity name.

To use Quantum User Repository as authentication service, ensure that the value for providerName is set as userstore. If you set it with any other value (for example, Quantum User Repository, User Store or Cloud Repository), the system throws an error.

Login with provider type as OAuth/SAML

NOTE: For Fabric version V9 ServicePack 3 (or later), the JS SDK supports rfc7636 for OAuth providers that use PKCE in the Authorization Code grant flow. For more information, refer to PKCE Support in Fabric.

 // Sample code to authenticate to Quantum Fabric Client
var authClient = null;
var providerName = < your - provider - name > ;
try {
    authClient = client.getIdentityService(providerName);
} catch (exception) {
    console.log("Exception" + exception.message);
}
authClient.login({},
    function(response) {
        console.log("Login success" + JSON.stringify(response));
    }, function(error) {
        console.log("Login failure" + JSON.stringify(error));
    }
);

NOTE: The client is the kony.sdk(); object.

Login with provider type as OAuth 2.0 in the same browser window

NOTE:
  • For Fabric version V9 ServicePack 3 (or later), the JS SDK supports rfc7636 for OAuth providers that use PKCE in the Authorization Code grant flow. For more information, refer to PKCE Support in Fabric.

  • Login in the same browser window is supported for Fabric versions V9 ServicePack 3 or later.

In the earlier section (Login with provider type as OAuth/SAML), the login page of an OAuth Identity provider opens in a new window (or a new tab) on the browser. However, login in the same browser window can be enabled by using the noPopup option in the loginOptions.

The Fabric SDK object and the client app state are reinitialized when the browser redirects to the web app from the OAuth Login page in the same window. To avoid losing the app state and data, make sure that you store the client app data (if any) in a secure storage before invoking the Login API.

You can store the data before invoking the Login API, or by using the customDataSaveHandle option in the loginOptions. For more information, refer to the following code example.

NOTE:

In the following code snippet:

  • Passing the success_url parameter is optional. If the value is empty, success_url is set to the domain and path of the current window.
  • The customDataSaveHandle function is invoked before redirecting to the login page in the same window. By using the function, you can store necessary data to a local storage, and then make any required network calls.
    After the specified tasks are completed, invoke the continueLogin function to continue the login process. If any errors occur, invoke the abortLogin function to abort the login process.

 

// Sample code to enable login in the same browser window

var sdkObject = kony.sdk.getDefaultInstance();
var identityServiceObject = sdkObject.getIdentityService("<providerName>");
var options = {};
options["loginOptions"] = {}; 

options["loginOptions"]["noPopup"] = true; 

options["loginOptions"]["customQueryParamsForOAuth"] = {"success_url": "<app-url>"};
/* For example -> "https://example.com/apps/appName/" */

options["loginOptions "]["customDataSaveHandle"] = function(continueLogin, abortLogin)
{
var data = getData();
storeDataInLocalStorage(data);
setLoginStateInServer(data, networkResponse);

function networkResponse(response)
{
	if(response.isSuccess)
	{
	continueLogin();
	}
	else
	{
	abortLogin();
	}
}
}

function successCallback(res)
{
   alert("Login Successful");
};

function failureCallback(err)
{
   alert("Login failed due to: " + JSON.stringify(err));
}

identityServiceObject.login(options, successCallback, failureCallback);

 

Use the JavaScript onload event (or a similar event based on your web app) to complete the login process. Provide the appropriate success and failure callbacks to the kony.sdk.performNoPopUpLogin API. The callbacks can be the same callbacks that are provided in the login API. For more information, refer to the following code example.

window.onload=function ()
{
function loginSuccessCallback(response)
{
	alert("Login successful.");
	//retrieve data stored in localstore. 
}

function loginFailureCallback(response)
{
	alert("Login failed due to : " + JSON.stringify(response));
}

kony.sdk.performNoPopUpLogin(loginSuccessCallback, loginFailureCallback);
}

Error Codes and Error Messages

Error Code Error Message
109 Unable to store app verifier at middleware server.
110 Unable to retrieve app verifier from middleware server.
111 CustomDataSaveHandle should be function and should accept successCallback and failureCallback.
112 CustomDataSaveHandle failed by user.
113 The application was launched with code query param but is not a continued login process.
114 Login Failed. PKCE parameters are missing, please check if CORS setting is properly configured in Fabric Identity.
116 Appconfig is null or undefined.
117 No metadata was found to continue with single window login.
118 No Auth Code found in the Url.

 

Get Backend Token

// Sample code to get backend token for provider
var userid = < username_for_logged_in_provider > ;
var password = < password_for_logged_in_provider > ;
var forceFromServer = true / false;
authClient.getBackendToken(forceFromServer, {
    "userid": userid,
    "password": password  
}, function(response) {
    console.log("Backend token is  :" + JSON.stringify(response));  
}, function(error) {    
    console.log("Failed to get backend token : " + JSON.stringify(error));
});

NOTE: If forceFromServer is true, then the SDK fetches the token from the server. If forceFromServer is false, then the SDK gives you the token present in localStorage. Please note that only few backend providers such as Salesforce support refresh. If a backend provider does not support refresh, passing forceRefreshFromServer=true would result in empty response from this API.

NOTE: The authClient is the IdentityService object.

User Profile

 // Sample code to get user profile details
var forceFromServer = true / false;
authClient.getProfile(forceFromServer,
    function(response) {
        console.log("User profile is  :" + JSON.stringify(response));
    }, function(error) {
        console.log("Failed to fetch profile : " + JSON.stringify(error));
    }
);

NOTE: If forceFromServer is true, then the SDK fetches the token from the server. If forceFromServer is false, then the SDK gives you the token present in localStorage.

NOTE: The authClient is the IdentityService object.

Get Provider Name

 // Sample code to get provider name
Var providerName = authClient.getProviderName();

NOTE: The authClient is the IdentityService object.

Get Provider Type

 // Sample code to get provider type
Var providerType = authClient.getProviderType();

NOTE: The authClient is the IdentityService object.

Logout

//Sample code to logout from auth service

var serviceName = "identity_service_name";

//Get an instance of the SDK
var client = kony.sdk.getCurrentInstance();
var identitySvc = client.getIdentityService(serviceName);
var options = {};

//Configure logout options
options["logoutOptions"]["customOAuthParams"] =
{
	"key2":"value2",
	"key3":"value3"
};

//Invoke the logout API
identitySvc.logout(function(response)
{
	kony.print("Logout success: " + JSON.stringify(response));
}, function(error)
{
	kony.print("Logout failure: " + JSON.stringify(error));
}, options);

NOTE: The authClient is the IdentityService object for the loggedIn provider.