Set up access to Application API (IIS)

After you have created API endpoints, you can access data in Intrexx externally, via a smartphone app, for example.

Authorization is required to access the Intrexx Application API. This will only be done against Intrexx. It is not possible to use the Windows authentication integrated in the IIS is for authorization in the Intrexx Application API.

Below you will find a description of how to proceed if you are using IIS with integrated Windows authentication.

Baseline scenario

This description is relevant for you under the following conditions:

  • You are running Intrexx under Windows.

  • You are using IIS (Internet Information Service) as the front-end web server.

  • You are using the Windows authentication built into IIS.

  • You are using the Intrexx Application API.

(See also the sections Intrexx architecture and Windows - Configure IIS (Internet Information Services))

Authentication to the Intrexx Application API

Authentication to the Intrexx Application API is not possible via the Windows authentication integrated in the IIS. Instead, you must set up anonymous access for the Intrexx Application API in the IIS. In this case, the authentication only takes place against Intrexx. This is possible either via the API keyAuthentication via API keys) or via API loginAuthentication via API login endpoint and cookies (without API key)).

Key steps

  • Create directories in the portal directory

  • Define settings for authentication in IIS

  • Customize the web.config file belonging to the portal

  • Customize the applicationHost.config file associated with Windows

  • Delete the previously created directories in the portal directory

Set up anonymous access in IIS

Step-by-step guide

To set up anonymous access to the Intrexx Application API in IIS, proceed as follows:

  1. Start the windows explorer.

  2. Create the "api" directory in the portal directory under "external > htmlroot" and the "app" directory within it.

    The directory structure should look like this:

    <intrexx installation directory>\org\<portal-directory>\external\htmlroot\api\app

  3. Start IIS.

  4. Select the "api" directory .

  5. Double-click on "Authentication" at .

    This takes you to "Authentication.

  6. Set the status of "Anonymous authentication" to "Enabled".

  7. Set all other authentication entries to "Deactivated".

  8. Proceed in the same way with the "app" directory.

  9. Go back to the window explorer.

  10. Change to the directory<intrexx installation directory>\org\<portal-directory>\external\htmlroot.

    web.config

  11. Open the "web.config" file.

  12. Insert the following code before the closing tag </configuration> in the file:

                          <location path="api"> <!-- relative to where the web.config file is located -->
      <system.web>
        <authorization>
          <allow users="*" />
        </authorization>
      </system.web>
      <system.webServer>
        <security>
          <authentication>
            <windowsAuthentication enabled="false" />
            <anonymousAuthentication enabled="true" />
          </authentication>
        </security>
      </system.webServer>
  </location>

  13. Then save the file.

  14. Change to the directory %WinDir%\System32\Inetsrv\Config.

    ApplicationHost.config

  15. Open the "ApplicationHost.config" file.

  16. Set the following properties of the <sectionGroup name="security"> or <sectionGroup name="authentication"> from "Deny" to "Allow":

    <section name="access" overrideModeDefault="Allow" />
<section name="anonymousAuthentication" overrideModeDefault="Allow" />
<section name="windowsAuthentication" overrideModeDefault="Allow" />

  17. Then save the file.

  18. Restart IIS.

  19. Delete the "api" and "app" directories previously created in the portal directory under "external > htmlroot".

More information