Four Stars

Question - OAuth2.0 implementation in Talend ESB

Hi,

I have a requirement where I have a number of RestFul API's that need to be exposed using Talend ESB. The services have been created and I have deployed them on Karaf container, no problem there. But, I need a user based authentication layer like OAuth2 to authenticate those requests. The web app that calls the Rest services is on a remote server. So basically, I need an auth server that is validating all incoming requests before Talend gives back the protected resource.

 

Can anyone please tell me if this something that can be done within Talend or do I need a separate auth server which Talend would call when receiving a request?

1 ACCEPTED SOLUTION

Accepted Solutions
Employee

Re: Question - OAuth2.0 implementation in Talend ESB

Ah sorry. It's part of the commercial offering. There you will find the required Talend Identity and Access Management module allowing you to define and create the (technical) OAuth users, which then can be used as part of a route or data service authorization. Components like cREST or tRestRequest will have the necessary settings.

Thomas Steinborn
VP Product Management
10 REPLIES
Employee

Re: Question - OAuth2.0 implementation in Talend ESB

It can be done starting Talend 6.4, which we released end of June.

Thomas Steinborn
VP Product Management
Four Stars

Re: Question - OAuth2.0 implementation in Talend ESB

I am using Talend Open Studio 6.4.1.

 

Could you please provide some more information on how to implement it?

Employee

Re: Question - OAuth2.0 implementation in Talend ESB

Ah sorry. It's part of the commercial offering. There you will find the required Talend Identity and Access Management module allowing you to define and create the (technical) OAuth users, which then can be used as part of a route or data service authorization. Components like cREST or tRestRequest will have the necessary settings.

Thomas Steinborn
VP Product Management
Four Stars

Re: Question - OAuth2.0 implementation in Talend ESB

Do you mean the Talend Administration Center (TAC)?

Employee

Re: Question - OAuth2.0 implementation in Talend ESB

Nope.

 

Talend Identity and Access Management (TIAM) is a new server module installed next to TAC.

 

Thomas Steinborn
VP Product Management
Four Stars

Re: Question - OAuth2.0 implementation in Talend ESB

So what you are saying is, I need to have the Talend Enterprise package like Talend Data Fabric suite to implement this within Talend. Correct?

Employee

Re: Question - OAuth2.0 implementation in Talend ESB

That's correct. It doesn't have to be Data Fabric but has to be one of Talend ESB (commercial) or Talend Data Services Platform.

Thomas Steinborn
VP Product Management
Seven Stars

Re: Question - OAuth2.0 implementation in Talend ESB

Hi

 

We have the same goal. Is it possible to do it "by hand" anyway with Open source version of TalendESB ? Somewhat using Camel's low level approach ?

Seven Stars

Re: Question - OAuth2.0 implementation in Talend ESB

I have same requirement, need to enable authentication for the API's created in talend. We have 6.4 enterprise version & has Talend Identity and Access Management service. 

 

Question is : how do we tie API authentication with IAM service, 

I see documentation for https://help.talend.com/reader/P_WfH1B7zRdEI74m2jpD7g/dbBgE2hbyjbMGyZeMYJF5A but there is not documentation that links IAM service with below authentication or is this done at TAC level?

 

 esb_authentication.png

Seven Stars

Re: Question - OAuth2.0 implementation in Talend ESB

@tsteinborn Could you please help me out connect the dots here, we have 6.4.1 enterprise version.

 

I have create API endpoint using tRESTRequest & trying to use 'Use Authentication (ESB Runtime Only) Basic HTTP' option to enable authentication on my call, using this reference https://help.talend.com/reader/uwwCVAHxWDS6l5fZQ~lVYA/1CDi6NINp_q5p0PJbdgSnA 

 

tRestRequest_use authentication.PNG
I have IAM service installed as well & have users created on IAM service. now how do I use that to authenticate API calls?

1) Created users on IAM service that is apache syncope
2) Updated TAC configuration to use IAM
3)deployed my API endpoint in ESB runtime as service
4)Added this endpoint under ESB Infrastructure-->Authorization & assigned permission to corresponding IAM user

now when I tried to test this call by passing authorization parameter as base64, I still gets 401 Unauthorized.