You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.
Blueriq as a Service
In Blueriq it is possible to create your own web services, either via REST or SOAP. Blueriq Runtime supports security on Blueriq as a Service out of the box by adding roles to the webservice definition.
Adding a role to the webservice
To secure a webservice a role must be added to the baa(r)s service. There are two methods to add roles to the service, at the service definition or at the exposed flow which is started from the webservice.
Service definition
A role can be added at the soap/rest service definition.
Exposed flow
A role can be added at the exposed flow (which is started from the service definition). This can be useful if the flow is started from multiple contexts. Otherwise adding the role at the service definition is preferable over this option.
Security endpoints
These endpoints are secured when a role is set.
REST: Runtime/server/rest/Webservice/Operation SOAP: webservices/aaas/Webservice/Operation
The SOAP WSDL is not secured.
webservices/aaas/Webservice/aaas.wsdl
Secured shortcuts
It's possible to secure BAA(R)Ses by providing a property to the shortcus for the baa(r)s:
blueriq.shortcut.<shortcut name>.securityEnabled = true
However, this feature is deprecated in favor of adding roles to the webservice. Defining shortcuts with security enabled will be removed in Blueriq 14.