IBM Connections is a social software platform that can help your organization engage the right people, connect with groups of people and share content and embedded experiences. The platform enables the user to make everything social, quickly search for relevant information, and unlock creativity.
The platform provides the user the following services:
Service | Purpose |
Activities | Organize content and prioritize tasks related to a project goal. |
Blogs | Online journals that you can use to share information within an organization |
Bookmarks | Use to save, organize, and share Internet and intranet bookmarks. |
Communities | Get together with people who share your interests. |
Files | Share and collaborate on files. |
Forums | Share information, brainstorm ideas, and discuss topics of common interest. |
Profiles | Find expertise and connect with people. |
Wikis | Create and collaborate on content in wikis. |
Search | Quickly Find user generated content |
Homepage | Get the latest news and updates from your network and the wider organization. |
Developers wishing to integrate with these services can use the IBM Connections APIs. To connect to the enterprise ready social platform and participate in the social platform's service, a developer simply calls the corresponding REST API, and reads, creates, updates or deletes data. Certain calls to REST APIs require authorization, and the proper mechanism to access the data.
The various mechanisms to access the data are:
Mechanism | Summary |
Anonymous | Making the request to the publicly accessible APIs, such as get profile information
Does not work for create, update, delete |
Basic | A Base64 hash of a username and password, such that each request contains the header
Authorization: Basic userid:password
encoded with base64 |
OAuth | Using a Secret Key specific to an individual application
Header with Authorization: OAuth |
Single Sign On Token | Using an already generated token called LTPAToken, the WebSphere process automatically grants access when a request is created. |
The IBM Social Business Toolkit SDK abstracts the mechanisms into endpoints and makes it easier to generate the requests to the services. A developer can quickly switch between the endpoint style. http://ibmsbt.openntf.org
This article focuses on the use of OAuth when developing with IBM Connections API. The article is presented in three sections - Adminsitrative Setup, OAuth Endpoints, URL Patterns.
Administrative Setup
The setup here enables an administrator to create a specific key for each application; rather than give each application complete access to the entire system.
The administrator needs to launch the interactive session for WebSphere Admin client, where USER is the administrator user for the cluster, PASSWORD is the password for the admin, and CON_PROFILE_DM is the location on the Deployment Manager of the Deployment Manager profile.
cd ${CON_PROFILE_DM}/bin/
${CON_PROFILE_DM}/bin/wsadmin.sh -user $USER -password $PASSWORD -lang jython -port 8879 -conntype SOAP
When the interactive session is started, run the following command:
import sys
execfile('oauthAdmin.py')
OAuthApplicationRegistrationService.addApplication(CLIENTID,APPLABEL,URL)
clientSecret = OAuthApplicationRegistrationService.getApplicationById(CLIENTID).get('client_secret')
print clientSecret
CLIENTID should be a unique ID used by the application such as MYAPP1.
APPLABEL is a descriptive label such as "My Application for Connections".
URL is the callback URL for the application in the OAuth process, such as
http://myhost.com/sbtbasedapp/service/oauth20_cb
Once you see the print out of the clientSecret, you use this in your OAuth session.
if you are using the IBM Collaboration Quickstart for Social Business, you
qsSample1 is the client id, MyApp1 is the label without spaces, and the final bit is the url.
OAuth Endpoints
In the OAuth flow, a user needs two URLs: the authorization and the accessToken. These oauth urls are available on each IBM Connections instance.
The authorizationURL is
https://HOSTNAME.DOMAINNAME:PORT/oauth2/endpoint/connectionsProvider/authorize
The accessTokenURL is
https://HOSTNAME.DOMAINNAME:PORT/oauth2/endpoint/connectionsProvider/token
Once the endpoints are used to authorize a user's session, the session is redirected to IBM Connections to have the User Login and authorize the application to access the APIs for a set period of time. Once the grant access button is selected, the user is redirected back
to the callback url which was registered with the deployment manager.
URL Patterns
The basic url patterns are service reference
Such as for the Following api...
Following API
https://SERVER.DOMAINNAME:PORTNAME/SERVICE/follow/oauth/atom/resources
where SERVICE is one such as
activities
API | OAuth API URL |
Following | |
Activities | https://SERVER.DOMAINNAME:PORTNAME/activities/oauth/atom2/activities |
Blogs | |
Bookmarks | |
Communities | |
Files | |
Forums | |
Profiles | |
Related Communities | |
Wikis | |
Search | |
News Repository | |
Connections People | |
ActivityStream API | |
Microblogging | |
Please feel free to login and correct any URL mistakes.
A good reference for PHP - http://vanstaub.me/679
A good reference for XPages - http://openntf.org/XSnippets.nsf/snippet.xsp?id=create-entry-in-activity-stream-from-xpages-via-the-social-sdk-and-oauth2
A good reference for Java/JavaScript - is the http://ibmsbt.openntf.org