api/auth endpoint responding with SAML request instead of bearer token
Hello, hope everyone is doing well!
I am attempting to authenticate to the API by invoking the endpoint at api/auth (I have also tried api/auth/login and api/auth/loginadmin
However, instead of responding with the bearer token, it responds with an SSO Authentication Request which I recognize as coming from our SSO provider. See screenshot.
My gut tells me the service account I was provided is misconfigured because there are articles that state “The API has no support for Single Sign On (SSO) authentication for any automated scripting processes. You must use a non-SSO TeamDynamix User-typed account, service account or admin service account to authenticate.”
Is there a way to configure the account to bypass SSO? Is there something wrong with how I'm making the request? We're a bit stuck here. :) Thanks!
Answer (1)
Hello Tamara,
If your goal is to sign in to the API, you definitely need to be pointing it at https://yourdomain/sbtdwebapi/api/auth and not https://yourdomain/sbtdnext/api/auth as that latter version is not an endpoint.
The API definitely does not currently support SSO, so you'd need to be sending the TDX Username and local password for the account in question, and not anything related to the user's SSO credentials.
$Body = @{
'username' = $Credential.UserName
'password' = $Credential.GetNetworkCredential().Password
} | ConvertTo-Json
$IVRsplat.add('Body', $Body) - Tamara Buch Tue 4/12/22 4:50 PM