Develop projects with auth sessions
Introduction
Learn how to develop projects that use auth sessions.
Before you start this document, the following is recommended:
- Understand core Intuned concepts
- Understand Auth session types. Specifically, understand the difference between credentials-based auth sessions and recorder-based auth sessions and when to use each.
Using auth sessions in Intuned projects
Intuned projects can either be developed with or without auth sessions. If auth sessions are enabled, then all the project APIs will require a valid auth session to be passed in the request for the API to be executed. We do not support projects that have only some APIs that require auth sessions and some that do not.
Enabling auth sessions in a project
-
To enable auth sessions in a project that was created without auth sessions, you can enable it in the project settings. In the
Intuned.json
settings you will find auth session configuration pane. -
Once auth sessions are enabled, you need to pick up the auth session type to use from the dropdown that will appear. This is set to Credentials-based auth session by default.
After enabling auth sessions
Upon enabling auth sessions and selecting the strategy new capabilities will be enabled in the IDE.
- Folder named ‘auth-sessions’ defines the auth workflow. The strategy will determine how much of the auth workflow will need to be defined.
- Auth sessions dropdown manages auth sessions in IDE, and is only made available when running APIs defined in the
api
folder. - Run settings contains new controls to define auth session behavior when running APIs in the IDE
Check/Refresh as part of the API - match deployed behavior
:
This option allows you to emulate production behavior and ensure that the auth session check is made before executing the API, and if the check fails it will attempt to refresh as well. It is recommended to use this to test failures caught in production.Load auth-session and run API - skip check/refresh
:
This option skips the check and refresh behavior that is standard in production. It is recommended to use this as you are developing the project.Reuse session if open
:
This option should be selected if you’ve already authenticated in the browser session and just want to continue from where the browser is currently.
Credentials-based auth session
If Credentials-based auth is selected, then auth-sessions
folder will following APIs that need to be defined:
create.ts
- needs to contain the end to end automation workflow that can navigate to the target service, enter user’s credentials, resolve any challenges, and complete authentication.check.ts
- needs to contain a simple workflow that is able to validate that the auth session is valid.refresh.ts
- needs to contain the workflow required to update or refresh the auth session.
Learn how to create an Credentials-based auth session in the IDE.
Recorder-based auth session
If Credentials-based auth is selected, then auth-sessions
folder will only contain the following API that need to be defined:
-
check.ts
- needs to contain a simple workflow that is able to validate that the auth session is valid. -
The
create.ts
API doesn’t need to be defined because the recording experience will prompt the end user to enter their credentials on a streaming browser. Upon completion of the sign in flow the auth session will be captured and the pop up browser will be closed. -
The
refresh.ts
API doesn’t need to be defined because Recorder-based auth sessions do not support refreshing expired auth sessions.
Learn how to create a Recorder-based auth session in the IDE.
Running APIs in project with auth sessions
Before deploying the project, you must validate the auth sessions and APIs in the IDE. Follow the steps below:
- Create cred based or recorder auth session in the IDE.
- Run the APIs in the IDE and validate the output in the IDE
Deploying and validating auth sessions
Upon validating the auth session in the IDE you can deploy the project. Then when the project is deployed, it is recommended to create an auth session in production and validate the APIs. Follow the steps below:
- Create auth session for deployed project
- Run an async API to validate the authenticated APIs.