All of the api methods requires adding the username and password in the request. This would mean I would need to store the credentials somewhere so I can retrieve it when needed. However, I would like to avoid storing passwords if possible.
Authentication method returns a session ticket which can replace username and password in the request. Is there a way to obtain this ticket, bypassing the SAML response / SSO process? I would just like to get something like an access token which I can use for the subsequent api calls without getting into the SSO complexity.
Is this possible?
We do offer global SAML configuration option, where you can act as your own IdMS, even on non-SSO sites. Each site that uses your application can request to authorize your global SAML config on their site to allow your application to authenticate requests without storing user password.