Create basic auth, api tokens, jwt via zato api

#1

Is it supported to use the zato public api within services, to create api keys as discussed at https://zato.io/docs/web-admin/security/apikey.html and https://zato.io/docs/web-admin/security/basic-auth.html etc (the zato service auth methods)

Basically, I would like to make a “registration” zato Service, and create an api key in the code of my service for zato to use as discussed at https://zato.io/docs/web-admin/security/apikey.html isntead of creating the key in the admin ui. I guess this is covered in the public api, but can the public api be used from a zato service?

0 Likes

#2

Also the online documentation for the public api appears to dead at the moment: https://zato.io/docs/3.0/api/spec/

0 Likes

#3

Hi Sam,

thanks for spotting the missing link - this is fixed.

As for the API, yes, you can invoke any service, including internal ones, using self.invoke - the workflow is the same as it is described here:

https://zato.io/blog/posts/public-api.html

1 Like

#4

Thanks Dariusz.

Just to be sure I follow:

We need to use zato client, even within a Zato Service and need to employ authentication etc as described in the blog post you linked to, is that right?

0 Likes

#5

Oh my apologies for my understanding gap, I see

https://zato.io/docs/progguide/invoking-services.html

0 Likes

#6

Hi Sam,

yes, you can use each service’s self.invoke to invoke another service, including internal ones that are otherwise invoked via REST APIs. There is no difference, it’s just a different method of accessing the same underlying functionality.

For instance, here you can see that creation of a JSON-RPC channel actually means creating a special kind of a REST channel, so self.invoke is used to call either zato.http-soap.create or zato.http-soap.edit.

1 Like