Hey everyone,
I’m working on a JavaScript app for Windows 8.1. It’s meant for our company’s internal use only, no internet needed. The app will run in kiosk mode with low privileges.
I’ve got the CredentialPicker working to ask for user info. Now I need to connect to our company’s WebAPI REST service, which uses Windows Integrated Authentication.
My question is: How do I use the credentials from CredentialPicker to make requests to this service?
I’m kind of stuck and could really use some advice. Has anyone done something similar before? Any tips or code examples would be super helpful.
Thanks in advance for your help!
heya emmat83, ive done smthin similar before. u can use the Windows.Security.Credentials namespace to handle the auth. after gettin the creds from CredentialPicker, use WinJS.xhr to make requests. set the withCredentials property to true in the xhr options. that shud work for ur windows auth setup. hope this helps!
I’ve tackled a similar challenge in my work. One approach that worked well for me was using the Windows.Web.Http.HttpClient class in combination with the Windows.Security.Credentials.PasswordVault.
First, store the credentials securely in the PasswordVault after getting them from CredentialPicker. Then, when making requests, retrieve the credentials and use them to create a Windows.Web.Http.HttpBasicAuthenticationFilter. Apply this filter to your HttpClient instance.
Something like:
var vault = new Windows.Security.Credentials.PasswordVault();
var cred = vault.retrieve(“yourResourceName”, “username”);
var filter = new Windows.Web.Http.Filters.HttpBasicAuthenticationFilter(cred.userName, cred.password);
var client = new Windows.Web.Http.HttpClient(filter);
Then use this client for your API calls. This method has worked reliably for me in similar internal enterprise scenarios. Just remember to handle exceptions and token expiration appropriately.
For your Windows 8.1 JavaScript app, integrating Windows Authentication with a WebAPI REST service requires careful handling of credentials. After obtaining them via CredentialPicker, you’ll need to use the Windows.Web.Http.HttpClient class instead of WinJS.xhr, as it supports Windows Integrated Authentication natively.
Create an HttpClient instance and utilize the SetRequestHeader method to add the ‘Authorization’ header with the necessary credentials. You can then use this client to make authenticated requests to your WebAPI. Ensure that you handle errors gracefully, particularly for network-related issues, and follow best practices for managing credentials securely.