1. OAuth2 based Web Services Access Authentication
  2. Enabling OAuth Setup Configurations
  3. Embedding External Application within OFSLL

3.6 Embedding External Application within OFSLL

As part of subsequent releases of OFSLL, to embed external application within OFSLL base application, we would provide one external link each under origination, servicing and collection modules. The associated menu links can be enabled through access screens.

Table 3-9 Menu Access Keys

Menu Access Keys
FLL.ORG.EXT.ONE.MENU
FLL.SER.EXT.ONE.MENU
FLL.COL.EXT.ONE.MENU

The URLs for External Link will be defined through System parameters. The following URL keys need to be defined with proper external link.

Table 3-10 URL keys

URL Keys Example
FLL.ORG.EXT.ONE.URL http://<<hostname>>:<<port>>/<<contextpath>>/index.html
FLL.SER.EXT.ONE.URL http://<<hostname>>:<<port>>/<<contextpath>>/index.html
FLL.COL.EXT.ONE.URL http://<<hostname>>:<<port>>/<<contextpath>>/index.html

Note:

The base OFSLL SSO application would send the user identity token called ‘authorizedCode’ through the URL query parameter which should be read by external application to generate the actual access token (by calling authentication service) in order to access protected OFSLL Rest API.

Request JSON payload for JWT_BEARER grant type

{
"AuthRequest": {
"Assertion":"eyJraWQiOiJkZWZhdWx0IiwieDV0IjoiYkw5VDI4bHhMQjJ0cW5xd2d4Y0FO
QnotQXZzIiwiYWxnIjoiUlMyNTYifQ.eyJleHAiOjE1NDU2NzQ1MDEsImp0aSI6ImRDcUFa
bERSVFdrX2lwd21aTDBfVHciLCJpYXQiOjE1NDU2NzA5MDEsInN1YiI6Ik9GU0xMU1V
QUiIsInNlc3Npb25faWQiOiJEelVmNlZyN05FQ2NHYnVBbVVINU9RPT1-
NmdhemlUU2Y1OVdPb0FLZHRhc0h0R3R4L3p6TktSK0lEZDd5OG1OemRPZ2FMQUk2
NjlIRytEbzY0NFdGV3NWMTMwS1pUbDJrTWd1OHp5TTFEaWtteFdtYVUrK0dyUXlidGo
3WVB6dlRwdzlmbFVMT3d1cEFBbUpqMi9VLzlVYVUiLCJkb21haW4iOiJkZWZhdWx0In0
.Qi4gJ4kiEcaxgs51fRU3633RcPMDNjqOpRrnzBOq8M9pKIeRmNe2Zyu7ikBXqIjFMd0Iz-
N9hUgvD9i8-5lPeEER15_FqLsPtoCUX3u8NuPPfzqA_xT2LTcc0-
6AdGz7QrsqAU_qr3n2FGF5qhwiHU7437X_AzoMBwTYovWsl8Rjra_tdWoCMsMRisN7x
qIeW7Jk3aWYQeoOHbwfuVqDE18m67du9rUszNUrX483KXwCfZL1ffbqYIFYIGekGpm4
AbCq5aazK8-HtrmzKyt-
Q1Monx2dOrUorLKm6AtKXTOqdrA2YwASYM96A4ENLTdxjcIyTUDcwIu4WgeBUcwJzw
",
"GrantType" : "JWT_BEARER"
}
}

Mandatory Request Headers

Table 3-11 Mandatory Request Headers

Headers Expected Value
X-OAUTH-IDENTITY-DOMAIN-NAME OFSLL_OAUTH_DOMAIN
Authorization Bearer <Base64encoded value of client credentials>

Response JSON payload

{
"AuthResponse":{
"Token":
"eyJraWQiOiJPRlNMTF9TU09fVEVTVF9ET01BSU4iLCJ4NXQiOiJjQldCa0pqV2JVdHR
HczFmZFdlYzdteE0tMWsiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbXVtMDBja
WUuaW4ub3JhY2xlLmNvbToxNDEwMC9vYXV0aDIiLCJhdWQiOltdLCJleHAiOjE1NDU2
NjI4MTgsImp0aSI6InZGZ082eUlFb0k2X0xoZ3czcmczTUEiLCJpYXQiOjE1NDU2NjI3NT
gsInN1YiI6Ik9GU0xMU1VQUiIsIk9BVVRIX1RPS0VOIjoiZXlKcmFXUWlPaUprWldaaGRX
eDBJaXdpZURWMElqb2lZa3c1VkRJNGJIaE1RakowY1c1eGQyZDRZMEZPUW5vdFFY
WnpJaXdpWVd4bklqb2lVbE15TlRZaWZRLmV5SmxlSEFpT2pFMU5EVTJORFF4T0RBc
0ltcDBhU0k2SWpGSlZWbGlibXBFWkVwWVdWQk5TblJvUkVOTmIzY2lMQ0pwWVhRa
U9qRTFORFUyTkRBMU9EQXNJbk4xWWlJNklrOUdVMHhNVTFWUVVpSXNJbk5sYzN
OcGIyNWZhV1FpT2lJemNWRXplbVZ2TldWWlEzVnJhbk5qUW1aRWFFSlJQVDEtU2sx
amJHMW1TMW8wUmxKUk9GTnJSVXBPVXpCdGR6MDlJaXdpWkc5dFlXbHVJam9pW
kdWbVlYVnNkQ0o5LlpHQWdTZGR5S0szRGplMlZsTUlmbzMxTTV0cFBpaXluUVpGY2R
ibEFiV2xhektPWVFzb2hqbzdrODQxQm9SMWUtWXZWLXpWbk5hamhCYy1CbzAwZlNs
VDdsVmNmRXA2ekxUdENHRnc1MkNZRXpfOHpYdjc1YkF2Q2FWeGRvZnlUaGFhdFox
cVF5Qm5TLUJ1MGdKNjJSOThkaDFwY1FOSmFhWDZ1RkxkSGVoVUlDY1pNLUJwbU
drbi01TXhHcm5fQnloT2oxc0JnRjZ1SWY0N3d6NUlNOU4zODdHQ29WZDBPR3c0QXlm
VVk2T2FGSlNOS1hYbnpsYUVDTkktMEJmQXhFQklSX1oxVE1wZEdSOHkwaHltMWNT
SzRGYkJjYnQxZnlhYmdLMG1SQ0tFVHdMWFJrcnFMcmkxTnVtbjNKeFhmZVBsWTVJT
m1ndDA2U1BVaFpYUEU2ZyIsImN1c3RvbWVBdHRyMSI6IkN1c3RvbVZhbHVlIiwic2Vzc
2lvbklkIjoiQ09PS0lFX0JBU0VEIiwicmVzU3J2QXR0ciI6IlJFU09VUkNFQ09OU1QiLCJjbG
llbnQiOiJPRlNMTF9CMkJfSkVUX0NMSUVOVCIsInNjb3BlIjpbIk9GU0xMX1NTT19URVN
UX1NFUlZFUl9CMkIuQWNjb3VudERldGFpbHMiXSwiZG9tYWluIjoiT0ZTTExfU1NPX1R
FU1RfRE9NQUlOIn0.BKsWO1yBEmc_f0jCdG16DxzkTkkN805VmYlBbyMmmMqnziNsyc
orlzHAZ0RHTDqNLjKdq--
wxzTNQK4PRM9ChBeHKBCU5dzHD64ddbscyt0YxpdPnF0grMZHipIoNC_-
nZxyZRbLI5aQeGPXOZ4qtPEZ1ggBkgoXXa16eJ2JLZbYOtcvPbLcbkfHpMCzwOzi_
o0t30KG9T1931NyMaCvYp4O-ZODTneHc9-
c7cJaj2zVhkOFej796TTrEHV4jv7p2OTsawkm8vSYmRBv5K1J8M_a1PgEIuqc4kS6d0op
UAJOKT6C356OMdEpeO_zkXGyfodUFKojdG3PWHXG0O7ww", "Expires_in": 3600,
"TokenType": "Bearer",
"Result": {
"Status": "SUCCESS",
"StatusDetails": "Token Generated Successfully"
}
}
}

Parent topic: Enabling OAuth Setup Configurations