Anaplan API v2.0 - customer experience and documentation
Over the past couple of months i have been on a mission to update our Anaplan API version from 1.3 to 2.0. **PLEASE NOTE that i am a novice when using certificates and I read a lot online in different forums to understand more about CA certificates and the different formats they can take.** I worked internally with the security team to get CA generated certificate, to use with the NEW Anpalan authentication service. It took me many weeks to get this process working, and the Anaplan Service team was great to work with. Ultimately, it came down the randomly signed string. I have tested extensively and the only type of string i could get to work was a Java (did not try Python) random byte character string generated. It seems that the character string has to be in bytes format for it to work.
I have posted the high level steps below:
Request a CA certificate be created
Insert ONLY the public certificate into the Anaplan, or create one yourself. Which ever is the method required by your firm
In order to upload the CA public certificate, an administrator, with the hamburg in then upper left hand corner, will select the Administration option and then the sub-level of Security. A screen shot is shown below to demonstrate this.
The screen shot below is adding the public certificate to the Anaplan site. The public cert may already be in the correct format, which i believe is PEM and Base64 encoded. You can use OpenSSL as an open source tool to convert certificates into different formats For further information please review Anaplan's site: - https://help.anaplan.com/anapedia/Content/Administration_and_Security/Tenant_Administration/Security... . When the authentication service is being called, the service will check against the public cert.
Call the Anaplan authentication service. This is an API call that returns a Java Web Token (JWT). This is the key that allows for the Anaplan Kingdom to be opened for different actions. NOTE: the JWT is only valid for 30 minutes. 'Refreshing' the JWT still created a new JWT.