From 6f6284819d1562a1761a075d94030c0a728d399e Mon Sep 17 00:00:00 2001 From: Aritri Hore Date: Tue, 26 Nov 2024 10:38:11 +0530 Subject: [PATCH] [MNT-24470] Add Note to reflect that Basic Auth with Identity Services is no longer supported --- process-services/latest/config/authenticate.md | 2 ++ process-services/latest/develop/rest-api.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/process-services/latest/config/authenticate.md b/process-services/latest/config/authenticate.md index 88e2bb916e..ecc6b5df10 100644 --- a/process-services/latest/config/authenticate.md +++ b/process-services/latest/config/authenticate.md @@ -13,6 +13,8 @@ The authentication methods that can be configured for Process Services are: Process Services can be configured to authenticate using the [Identity Service]({% link identity-service/1.2/index.md %}). +>**Note:** Starting from Alfresco Process Services 24.1, basic authentication is no longer supported when `activiti.identity-service.enabled` is set to `true`, as part of replacing Keycloak adapter with Spring security. This includes access to the REST APIs, for which you will first need to obtain a token from Identity Services. + The Identity Service allows you to configure user authentication between a supported LDAP provider or SAML identity provider and the Identity Service for Single Sign On (SSO) capabilities. The Identity Service needs to be [deployed]({% link identity-service/1.2/install/index.md %}) and [configured]({% link identity-service/1.2/config/index.md %}) with an identity provider before being set up with other Alfresco products. diff --git a/process-services/latest/develop/rest-api.md b/process-services/latest/develop/rest-api.md index d24c1f8086..9296a54dbf 100644 --- a/process-services/latest/develop/rest-api.md +++ b/process-services/latest/develop/rest-api.md @@ -22,6 +22,8 @@ You can use any of the following methods for REST API user authentication: * [OAuth 2 SSO](#oauth-2-sso-overview) * Impersonation +>**Note:** Starting from Alfresco Process Services 24.1, basic authentication is no longer supported when `activiti.identity-service.enabled` is set to `true`, as part of replacing Keycloak adapter with Spring security. This includes access to the REST APIs, for which you will first need to obtain a token from Identity Services. + If you are using basic authentication, you must set all requests with the `Authorization` header. If you are using OAuth 2 to authenticate users for SSO, see [OAuth 2 SSO](#oauth-2-sso-overview) for more information.