Skip to main content
Completed

Private Certificate when using HTTP connector

Related products:Software FactoryWindows GUIIntelligent Application ManagerIndicium Service Tier
Bas
Vanguard
  • BasVanguard
  • Vanguard
  • 19 replies

For a client we need to connect to the HDN network (Hypotheker Data Network).

We have been able to simulate the required communication with the network using both Postman and Insomnia but are running into some issues building this connection using Thinkwise. (Simulation available on request)

The root cause of this issue is the fact that connecting to the network requires the use of a private certificate as authentication. In postman this means installing a certificate issued by HDN and the private key of that certificate. Postman will use this certificate for all calls to the provided domain. Based on this certificate an access token is provided for use with the API.

When sending a message to the network (base64 encoded XML) the network also required me to attach a signature of the message to the json encoded request.body. 

  • We currently see no option for sending out http request from Thinkwise using a private certificate.
  • We have been unable to create message signatures based on the private key of a certificate.

I can understand if this issue is niche and not suited for the general branch of the Thinkwise release and a custom CLR would probably ben completely workable for us. Or do any of you have any briliant ideas that we haven’t come up with yet?

(Ideally this would also work for the Oauth login connector as that it what we’re trying to do.)

Did this topic help you find an answer to your question?

6 replies

Mark Jongeling
Administrator
Forum|alt.badge.img+23
Updated idea statusNewOpen
"Wake me up before you low-code" | On holiday 06-02 till 27-06
Bas
Vanguard
Forum|alt.badge.img+3
  • BasVanguard
  • Author
  • Vanguard
  • 19 replies
  • September 29, 2021

Just to provide an update. We currently have a working solution using a AWS LAMDA microservice. 

This microservice acts as a proxy server. Thinkwise sends the request over to the proxy server, the proxy forwards this and uses a provided private certificate and returns the received response.

Works like a charm. ;)

Freddy
Forum|alt.badge.img+16
  • Freddy
  • Thinkwise Local Partner Brasil
  • 531 replies
  • May 16, 2024
Bas wrote:

For a client we need to connect to the HDN network (Hypotheker Data Network).

We have been able to simulate the required communication with the network using both Postman and Insomnia but are running into some issues building this connection using Thinkwise. (Simulation available on request)

The root cause of this issue is the fact that connecting to the network requires the use of a private certificate as authentication. In postman this means installing a certificate issued by HDN and the private key of that certificate. Postman will use this certificate for all calls to the provided domain. Based on this certificate an access token is provided for use with the API.

When sending a message to the network (base64 encoded XML) the network also required me to attach a signature of the message to the json encoded request.body. 

  • We currently see no option for sending out http request from Thinkwise using a private certificate.
  • We have been unable to create message signatures based on the private key of a certificate.

I can understand if this issue is niche and not suited for the general branch of the Thinkwise release and a custom CLR would probably ben completely workable for us. Or do any of you have any briliant ideas that we haven’t come up with yet?

(Ideally this would also work for the Oauth login connector as that it what we’re trying to do.)

 

I would like to see the Thinkwise platform support his. I'm looking at integrating with some Brazilian banks and client certificates are sometimes a requirement. 

@Anne Buit @Vincent Doppenberg  any advancements on this topic?  

A URL of one of banks with a visual representation of their implementation https://developers.inter.co/assets/images/6b89d59-Diagrama_de_Funcionamento_API.drawio-f4ef0dbdddafdb29537d83869945698e.png

 

 

LEF — Lift. Empower. Fulfill. [lef.digital]
Anne Buit
Community Manager
Forum|alt.badge.img+5
  • Anne Buit
  • Community Manager
  • 653 replies
  • May 17, 2024

Hi all, in the upcoming 2024.2 release, we’ve added ‘Web connectors’, which allows a developer to set up reusable API calls. Part of this is support for client certificates on these API calls, including an (encrypted) passphrase.

Support for client certificates for OAuth2 providers is not included in this release. However, an OAuth2 client credentials flow can alternatively be set up as a web connector to be able to leverage a client certificate.

Support for signing an XML document using a certificate should be seen as a separate capability. Please submit a new idea for this.

Freddy
1 person likes this
  • Freddy
    Freddy
Anne Buit
Community Manager
Forum|alt.badge.img+5
  • Anne Buit
  • Community Manager
  • 653 replies
  • May 17, 2024
OpenNext release
Jeroen van den Belt
Administrator
Forum|alt.badge.img+9
Next releaseCompleted

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings