Anaplan API v2.0 - customer experience and documentation
Over the past couple of months i have been on a mission to update our Anaplan API version from 1.3 to 2.0. **PLEASE NOTE that i am a novice when using certificates and I read a lot online in different forums to understand more about CA certificates and the different formats they can take.** I worked internally with the security team to get CA generated certificate, to use with the NEW Anpalan authentication service. It took me many weeks to get this process working, and the Anaplan Service team was great to work with. Ultimately, it came down the randomly signed string. I have tested extensively and the only type of string i could get to work was a Java (did not try Python) random byte character string generated. It seems that the character string has to be in bytes format for it to work.
I have posted the high level steps below:
High-level steps:
- Request a CA certificate be created
- Insert ONLY the public certificate into the Anaplan, or create one yourself. Which ever is the method required by your firm
- In order to upload the CA public certificate, an administrator, with the hamburg in then upper left hand corner, will select the Administration option and then the sub-level of Security. A screen shot is shown below to demonstrate this.
- The screen shot below is adding the public certificate to the Anaplan site. The public cert may already be in the correct format, which i believe is PEM and Base64 encoded. You can use OpenSSL as an open source tool to convert certificates into different formats
For further information please review Anaplan's site: - https://help.anaplan.com/anapedia/Content/Administration_and_Security/Tenant_Administration/Security/Certificates.htm?_ga=2.135268727.710249128.1552916039-1208465040.1552574943 .
When the authentication service is being called, the service will check against the public cert.
- In order to upload the CA public certificate, an administrator, with the hamburg in then upper left hand corner, will select the Administration option and then the sub-level of Security. A screen shot is shown below to demonstrate this.
- Call the Anaplan authentication service. This is an API call that returns a Java Web Token (JWT). This is the key that allows for the Anaplan Kingdom to be opened for different actions. NOTE: the JWT is only valid for 30 minutes. 'Refreshing' the JWT still created a new JWT.
- Anaplan Authentication API service
- You can test the certificate setup in Postman. A sample setup and successful response is shown below.
- Anaplan Authentication API service