REST API certificate authentication

MathijsFondo · ‎01-16-2020

For the REST API we have the ability to use basic users and authenticate via basic auth or certificate authentication. I'm trying to implement certificate authentication in my development environment (PHP). To do this the REST API requires an authorization header with a CMS or CMSURL value. I prefer the CMSURL value. This basically means that you sign the canonical URL (after .com and before any URL params) with your private key using PKCS9 (??) signing.

Has anyone succeeded in implementing this in PHP using openssl for example? I did find some examples in c# and Powershell, but I haven't been succesful in implementing this in PHP.

Hope someone can help me or knows how to do this!

maxoubilou · ‎02-01-2020

Hi MathijsFondo,

For me, the best thing, starting with Workspace ONE UEM 2001, is working with Oauth2 authentication.

You currently must have a SaaS tenant (On Premise is coming later)

Another way is using access token with the following API (starting with Workspace ONE UEM 1907 if I remember well): /api/system/admins/session

That way you will get tenant key and access token to request other APis with Bearer authN method.

best regards,

Maxime CROUZET

All

REST API certificate authentication

Device Management