Related Documents
Document Properties
Kbid
2965N3
Last Modified
31-May-2022
Added to KB
01-Oct-2020
Public Access
Everyone
Status
Online
Doc Type
Guidelines, Concepts & Cookbooks
Product
ICM 7.10

Guide - 7.10.22.0 REST Requests with JWT

Table of Contents

Product Version

7.10

Product To Version


Status

1 Introduction

SSO will be introduced step by step. This release contains the SSO for REST.

2 Migration

The migration for existing systems does not need to execute dbmigrate. But the implementation for the PWA or other REST clients must be adapted. The following features should be adapted or at least tested:

  • Login
  • Authentication for all requests
  • Logout

Old token handling can be replaced by JSON-Web-Token for local ICM registration. This feature will consolidate the authentication process and enhance the security of the token handling by using strong encryption methods to build and validate the signature of the authentication token.

2.1 Documents

3 Availability of SSO

This page contains a collection of version numbers related to supported SSO features.

Feature/ApplicationKeycloakAzure AD B2BAzure AD B2CAuth0
SMC7.10.18.07.10.21.07.10.23.07.10.23.0
Operations7.10.19.07.10.21.07.10.23.07.10.23.0
Enterprise Backoffice7.10.19.07.10.21.07.10.23.07.10.23.0
Channel Backoffice7.10.19.07.10.21.07.10.23.07.10.23.0
REST (Backoffices)7.10.22.07.10.22.07.10.23.07.10.23.0
PWA


(soon)*
uniqueness of email address



)* in development


BackofficeREST SFinSPIRED B2BinSPIRED B2C
Fully7.10.23.07.10.26.1-LTS

Registration

7.10.26.1-LTS

IS-30868 - REST Self Registration of SSO user and explicit B2B customer

7.10.28.1

IS-30973 - inTronics Business Self Registration of SSO user and B2B customer

IS-32132 - Registration inSPIRED_Business doesn't work with Auth0

7.10.30.0

IS-32141 - Register B2C Customer

Login

7.10.26.1-LTS

IS-30868 - REST Self Registration of SSO user and explicit B2B customer

7.10.28.1

IS-31474 - inTronics Business Login of SSO user and B2B customer

7.10.24.2

IS-30734 - Login via inTronics B2C and SSO

Logout

7.10.24.2

IS-31250 - Changes in Authentication REST API Broke Backward Compatibility

7.10.x

IS-31475 - inTronics Business Logout of SSO user and B2B customer

7.10.28.0

IS-31028 - Logout Options for SSO - inTRONICS

Invite

7.10.26.1-LTS

IS-31184 - Invite Backoffice User for Enterprise

IS-32143 - Invite Backoffice User creates new user instead of linking existing

7.10.26.1-LTS

IS-30109 - REST Invite other user of B2B buying organization

7.10.x

IS-31473 - inTRONICS Business Invite other user of B2B buying organization

IS-32145 - Invite B2B customer for inTRONICS Business via backoffice


IS-32144 - Invite B2C customer for inTRONICS via backoffice

Internal Features

ICM VersionContent
7.10.22.0ICM produces JWT token for own REST API

Next Items on Roadmap

ApplicationDescription
PWAImplement and Integrate SSO flows with Auth0 
ICMIntegrate SSO authentication into REST API for Storefront Applications



Disclaimer

The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.

Customer Support
Knowledge Base
Product Resources
Tickets