A Few OAuth Notes

While I was working with a fellow developer building an integration for IBM Connections on premises, I found out about a couple of key items with the OAuth Provider.

1 – You can see a JSON Array of the Current User Tokens, when logged in as that user.

Navigate to https://sbdev.server:444/oauth2/authzMgmt/connectionsProvider

Login to IBM Connections

Look at the JSON Data to see the Granted Applications for the Logged in User


2 – You can see all the applications which are granted user oauth tokens – automatically authorized and manually authorized.

Navigate to https://sbtdev.server/common/oauth/apps?autoAuth=true

3 – OAuth Whitelists

http://www-01.ibm.com/support/docview.wss?uid=swg21627911 , you can update your OAuth whitelists based on the client-id you set.

“As a measure to reduce hassle to users for trusted OAuth clients, IBM Connections implements an extension to the OAuth protocol that allows whitelisted clients to skip the authorization request when utilized from within the Connections user interface. In order to list an application as a trusted auto-authorization enabled client, an administrator must perform steps that are covered by the product documentation topic http://www-10.lotus.com/ldd/lcwiki.nsf/dx/Registering_an_OAuth_client_with_a_provider_ic40 .

Edit the connectionsProvider.xml in the Deployment Manager profile.


Synchronize your nodes, and restart the server.

Volia… you have

Finally you can read more about OAuth at  http://www-01.ibm.com/support/knowledgecenter/SSYGQH_5.0.0/admin/admin/t_admin_registeroauthclientwprovider.dita

IBM SmartCloud Connections using Ruby

Recently, I was asked by a partner integrating with IBM SmartCloud for Social Business‘ IBM Connections Files service how to do so in Ruby.   I thought this brief demonstration code would help Ruby developers build a compelling integration.

Note, I have already gone through the OAuth Dance and generated an OAuth Bearer Token. I have expired this particular token so as to make the code safe for republishing.

Getting Started With Activity Streams and OAuth

Activity Streams is a way to generate a social record of what happened and what’s happening around a person or group of persons (community). The social record is super powerful when combined with business applications that provide updates on behalf of users. IBM paired these activity streams with OpenSocial so that a well formatted context automatically triggers actions with third party backends. On Click, there is a third party embedded application, called an embedded experience.

Examples are – updates that there is a CRM Opportunity that requires your attention.

To get the deep dive… Bill Looby wrote a nice a presentation which outlines the Activity Stream [ Link ] and Paul Godby wrote a nice presentation [ Link ]

In IBM Connections, the key protocol for 3rd party developers to securely access to a user’s data is oAuth 1.0a and oAuth 2.0. The supported oAuth flows are described here.

I explained oAuth for those unfamiliar in more detail in this presentation You should walk away with a good understanding of oAuth and Activity Streams, when combined the powers are immense.

IBM Connections 5.0 available….

IBM Connections 5.0 is now generally available.  You can search for the package IBM Connections 5.0 Multiplatform or part code CRS4IML .   IBM Connections 5.0 is a major release and builds and extends the IBM’s social software platform.  There are some very cool new features which interest developers:

External users participate fully in an IBM Connections Communities
@mention views are available to draw attention
File Sync Support


New API Documentation Format and Updates to the APIs

I also recommend you look carefully at the new format for the API documentation.  It’s snazzy and helpful, for instance the Following API
API Format

IBM Connections 5.0 Infocenter
IBM Connections 5.0 API Documentation
Detailed System Requirements are to be posted to http://www-01.ibm.com/support/docview.wss?rs=899&uid=swg27012786

Creating a New Wiki Page as a Child

A partner asked how he could create a new wiki page with a specific parent. 

API Details
URL: https://{hostname}:{port}/wikis/basic/api/wiki/{wiki-label}/feed
Method: POST
Content-Type: application/atom+xml

You may have to add the X-Update-Nonce header.  

You have to update the XML with the parentUuid – eg bd586bb6-d9b2-4527-b9a0-0f9b0d3c1e3f

When you complete the post, you’ll have a new page with a parent page.