Hello,
I'm trying to do the "sample Authentication flow" according to the documentation (https://www.netiq.com/documentation/advanced-authentication-64/apidoc/data/apidoc.html)
What is working:
- Create Endpoint
- Create Endpoint Session
- Read User Chains
- Start Logon Process
What is not working:
- Perform the "do_logon" REST-Call
My REST-Call:
POST:
https://[AAF-SERVER]/api/v1/logon/[LOGON_PROCESS_ID]/do_logon
Payload:
{
"endpoint_session_id": "8eTaHqJEO6JYB8TMXZe7Roanwd2uDzUE",
"response": {
"answer": "aafDemo1234!"
}
}
Response:
{ "status": "FAILED", "msg": "Provide a clear password or CHAP/MS-CHAP2 fields", "linked_logon": false, "reason": "LDAP_PASSWORD_UNDEFINED", "plugins": [], "msgid": "AUCORE-2003", "chains": [ { "id_hex": "c0dd7a32ec7a11ecb45b66ee5cacced1", "tenant_id": "def0def0def0def0def0def0def0def0", "is_trusted": null, "is_enabled": true, "name": "Domain Password", "short_name": "", "methods": [ "LDAP_PASSWORD:1" ], "position": 1, "apply_for_ep_owner": false, "image_name": "LDAP_PASSWORD_1.png", "required_chain_id_hex": null, "grace_period": null, "mfa_tags": [], "risk_level": "NONE" } ], "categories": null, "current_method": "LDAP_PASSWORD:1", "completed_methods": [], "logon_process_id": "DCMyxLcsgOM9poX38H64Y35Ow6YXHJav", "event_name": "Helpdesk", "event_type": "Generic", "event_all_categories": true, "event_data_id": "HELPDESK", "data_id": "HELPDESK", "category_id": "", "current_category_id": "" }
I don't know what "LDAP_PASSWORD_UNDEFINED" means exactly, I didn't find any information about it in the documentation. For me it seems that the server does not understand the payload and does not use the password accordingly. Assumption is based on the fact that if I do not send a "response" in the payload, that the error remains the same, as well as the message "provide a clear password". According to the documentation this should be enough.
Anyone has an idea what could be the issue?
BR
Tobias