How to get access token in script to call-back into FIDC?

I’d like to build a request to call the endpoint (openidm/managed/alpha_user?_queryFilter=) to get details of an existing user. This requires an access token. Please can you tell me how to get this in my Journey Decision Node?

e.g.

// Build the IDM query URL from the tenant ESV and the username to look up
var alphaUserUrl = systemEnv.getProperty('esv.fidc.endpoint').concat('/openidm/managed/alpha_user?_queryFilter=userName+eq+%22' + username + '%22');

logger.message('[POL] AlphaUserUrl=' + alphaUserUrl);

// The token is expected to have been placed in node state earlier in the journey
var accessToken = nodeState.get('idmAccessToken');
if (accessToken === null) {
    logger.error('Access token not in shared state');
    return {
        success: false,
        message: 'Access token not in shared state'
    };
}

var request = new org.forgerock.http.protocol.Request();
request.setMethod('GET');
request.setUri(alphaUserUrl);
request.getHeaders().add('Authorization', 'Bearer ' + accessToken);
request.getHeaders().add('Content-Type', 'application/json');
request.getHeaders().add('Accept-API-Version', 'resource=1.0');

// send() returns a promise; get() blocks until the response arrives
var response = httpClient.send(request).get();

Hi Jay… here’s a link that tells you how to do this today: Knowledge - ForgeRock BackStage

In the near future, there will be a much easier way to access the IDM (‘/openidm’) data.
It’s just been made available with the v7.4 release of the platform (and will therefore likely make it to Identity Cloud at some point). The docs for it are here: Scripted decision node API :: AM 7.4.0
You’ll see that this does not require the manual effort to acquire the access token beforehand, or call REST endpoints. You can use the openidm functions natively within scripted nodes that use the new scripting engine.

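The native lookup the reply describes, sketched as an added example that is not part of the original thread or ForgeRock's own code. It assumes the next-generation scripted decision node bindings (`openidm`, `nodeState`, `action`) from the AM 7.4 docs; the helper names, the `mail` field and the `userId` state key are hypothetical, and backslash-escaping of quotes inside the filter literal is an assumption about the query filter grammar.

```javascript
// Added example: look up an alpha_user through the openidm binding instead of
// calling /openidm over REST with a bearer token.

// Quote a value for use as a string literal inside _queryFilter.
// Assumption: backslash and double quote are backslash-escaped in the filter grammar.
function filterLiteral(value) {
  return '"' + String(value).replace(/\\/g, '\\\\').replace(/"/g, '\\"') + '"';
}

// Return the single managed/alpha_user whose userName matches, or null.
// idm is the openidm binding, passed in so the function can be exercised offline.
function findAlphaUser(idm, username, fields) {
  var name = (username === null || username === undefined) ? '' : String(username);
  if (name.length === 0) {
    return null;
  }
  var response = idm.query(
    'managed/alpha_user',
    { _queryFilter: 'userName eq ' + filterLiteral(name) },
    fields // request only the attributes the journey needs
  );
  var hits = (response && response.result) || [];
  // No match and an ambiguous match are both treated as "not found".
  return hits.length === 1 ? hits[0] : null;
}

// Node body: runs only where the next-generation bindings are present.
if (typeof openidm !== 'undefined') {
  var user = findAlphaUser(openidm, nodeState.get('username'), ['_id', 'userName', 'mail']);
  if (user) {
    nodeState.putShared('userId', user._id); // hypothetical state key
    action.goTo('true');
  } else {
    action.goTo('false');
  }
}
```

Because the username is quoted by `filterLiteral` rather than concatenated into a URL, a value containing a double quote stays inside the string literal instead of changing the filter expression.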