You can use the API proxy to authenticate calls to Domino APIs using the address and port exposed by the proxy process. If you make a call to Domino and use this proxy, the proxy automatically adds the authentication information (the access JWT token) to the proxied request.
-
The run starts immediately and the token is acquired when the first call is made through the proxy:
$ curl "$DOMINO_API_PROXY/v4/users/self" {"firstName":"Jack","lastName":"London","fullName":"Jack London","userName":"jack-london","email":"jack.london@oaklandpub.com","avatarUrl":"","id":"123456789"} -
The API proxy runs and
$DOMINO_API_PROXYcontains the proxy address.
Prior to Domino 5.4, authentication was done using JWT propagation, where Domino injected a file into jobs and workspaces containing access credentials. This has been deprecated, but if user workflows have not yet been migrated, the EnableLegacyJwtTooling feature flag is available. It is set to false by default, but can be set to true to enable legacy JWT propagation behavior (while also retaining the proxy behavior).
However it is recommended to migrate workflows to use the JWT proxy for API access instead, as the JWT proxy is more reliable.
See Use a Token for Authentication for more information about JWT propagation.