question

Upvotes
Accepted
3 0 1 3

Question about Auth Service to App Studio Team

Hello, I'm app developer to want to use AuthService.
I have some questions about AuthService.

(Q1) I want to register our company application in the library. According to 3page of document(AppStudioAuthServiceGuide.docx), I have to send our app information to the App studio team. Where i should send app studio team. If by email, what is the email address of App studio team?

(Q2) In 3page of AppStudioAuthServiceGuide.docx, I have question about config.json.
About Certificate(PEM) and ServerCertificate part, in this part, contents that i should insert are contents which generated by X.509(makecert or openssl), right?
Or just sended by app studio team, when they will send me a config.json file?


(Q3) Examples of AuthService don't include PHP code(only ASP/node.js/JAVA at this URL =https://developers.refinitiv.com/en/app-studio/app-studio-web-sdk/downloads).
Is there a example code of PHP? If so, how can I get the code?

I will appreciate it if answer my questions.
Partial answer is also okay.
Also, if you cannot understand my question, please request me additional explanation.


Thanks.

eikoneikon-app-studio
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvote
Accepted
92 1 2 1

Hi @qraft

(Q1) In general, you can reach the App Studio team at AppStudioProduct@thomsonreuters.com

However, if you are in the App Studio program, it is probably faster and more efficient to work directly with the TR point of contact that was assigned to you in the App Studio Onboarding process (who gave you the demo to the App Studio tools)

(Q2) You can generate and download the config.json file in the App Studio Admin tool in Eikon, once your application is registered in the library

(Q3) It seems you are reading about Authservice V1. I STRONGLY recommend using Authservice v2 instead: https://developers.refinitiv.com/en/api-catalog/app-studio/app-studio-web-sdk/documentation#app-studio-authorization-service-v-2

There isn't PHP examples, but Authservice v2 is much more in line with the SAML2 standards. I don't have any in particular but you can find many examples and third party tools online for this combination, or maybe someone else in the community has answers.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Thanks for your kind reply! It's really helpful.

Upvote
39.2k 75 11 27

(Q3) With Authservice v2 you can use ready available 3rd party SAML federated authentication solutions. Authservice v2 was tested with Shibboleth for IIS and mod_auth_mellon module for Apache. Both are free and will turn integration with App Studio authentication service into an engineering task of installing and configuring 3rd party software rather than a development task. From past experience with numerous App Studio partners who successfully used Shibboleth or Apache mod_auth_mellon, unless you already have expertise in these systems, it's not necessarily any easier to use them then to create your own SAML Service Provider implementation for integration with App Studio Authorization Service.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

I will consider it when i develop! Thanks!

Upvotes
37 1 2 8

Hi,

I am also in the process of integrating my app with the AuthServiceV2.

You recommend using 3rd party tools such as Shibboleth and according to the AuthSevriceV2 guide it was tested against v2.6.0. Shibboleth offers many configuration options and therefore many ways to set it up.

I am wondering (and this would be extremely helpful to anyone implementing an app) if you could provide a guide on setting this up since you have already successfully done it?

The documentation is very light in this area and such a guide would be of massive help.

One more point, if the use of 3rd party tools is not an option for some reason, would you be able to expand the documentation in this area?

Many thanks

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

@emir.subasic
We do not recommend Shibboleth or any other federated authentication solution. We simply state that we tested App Studio Authorization Service v2 with Shibboleth and with Apache mod_auth_mellon.
I'm afraid we cannot provide any guidance on setting up Shibboleth. Even though we've done it successfully, as did numerous App Studio partners, this is not our area of expertise.

From past experience with other App Studio partners setting up Shibboleth can be tricky and it's not necessarily any easier than implementing your own custom code. We can provide code samples in Java and Node.js showing how you can implement federated authentication with App Studio Authorization Service in your code. If you'd like to obtain these samples, please reach out to the Thomson Reuters Developer Advocate assigned to you.

Upvotes
37 1 2 8

Hi Alex,

Thanks for your response. The reason why I mention Shibboleth is because of your last post:

"With Authservice v2 we recommend ready available 3rd party SAML federated authentication solutions such as Shibboleth for IIS and Apache Mellon module for Apache. "

That reads as a recommendation to me and from that I inferred that as you have already verified those 2 3rd party tools it would be a natural selection to go with one of these.

I have reached out to my TR dev advocate who has stated that you do not have any code examples, hence the reason why I am reaching out to the wider community and also providing some feedback on the lack of documentation in this area. I gather from your past experience that people are struggling with this and in the interest of everyone's time it would be good to document some examples for future app developers.

You mention that you have examples in Java and Node.js. Are you able to share these please?

Many Thanks

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

@emir.subasic
You're right, my statement in the answer I posted on this thread back in early 2017 does read like a recommendation, which is misleading. Thanks for pointing it out. I have rephrased my post.
I also shared the code samples with the Developer Advocate assigned to you. You can request these samples from him.

Thats great. Many thanks

Click below to post an Idea Post Idea