Lately I’ve been working on getting my demo catalogs set up and configured in both Content Hub and OrderCloud. When getting started I faced a few issues on how to accomplish simple tasks like authentication with Content Hub and would like to share how I imported my data, how it can be structured and also how it can be integrated across a technical landscape along with tips on where to find information and documentation and what to do when things go wrong.
What version of Content Hub are you running?
One of the first issues I came across when using my sandbox environment was an inability to send password reset emails. After logging a support ticket and being informed that little support for sandbox environments is provided, I was also told that I was running an older version of Content Hub. So how can we find out what version we’re running and also what SDK versions to use and what features are available? If you log in to your Content Hub instance and visit the URL https://your-instance-name.stylelabs.io/api/status the product_version value will provide the necessary information.
Once you know your Content Hub version you will need to make sure you’re viewing the correct documentation version. Previously I assumed I would always been using the latest version (after all, Content Hub is a SaaS platform) but some features are only available for certain versions, especially as the platform has evolved into the 4.x+ version.
Using the Content Hub SDK
Whilst you can directly interact with the REST API endpoints, I decided to work through importing my catalog using the C# SDK. The SDK Nuget packages are not available on either the public Nuget Feed or the Sitecore Nuget feed so you will need to add a new package source: https://slpartners.myget.org/F/m-public/api/v3/index.json. You should install the Stylelabs.M.Sdk.WebClient package version that most closely matches the Content Hub version you are using.
Getting ready for authentication
Before you can get started with the SDK you’ll need to create a user and an OAuth Client to provide credentials for the MClient. First, you need to create a user in Content Hub. I have not explored creating a user through our SSO integration/provider for use in this scenario as it’s something I don’t actually have access to.
- To create a Content Hub user you need to visit the admin section and select the users option. After clicking the add user button you will see a form with only one required field, Username. Ensure that you supply something descriptive enough that others will know what the user is for and save the user.
- Now you’ve created the user you’ll need to edit the users profile and provide an email address…which needs to be unique so you can’t use the email you already use to log in to Content Hub. So pick something that you have access to and follow your organizations rules around security.
- Since you’ve supplied an email address you can come back to the user details screen and select the reset password button. This will send an email to your supplied address and will enable you to create a unique, secure password for your user, make sure you take note of the password, you’ll need it for creating the MClient.
Next we’re going to create the OAuth client by visiting the OAuth Clients section, and creating a new client. Be descriptive with the name you provide (remember, other people are using this environment too), and use randomly generated data for the client ID and secret values. From the Content Hub documentation the other fields have the following purposes:
- Redirect Url: indicates the URI to return the user to after authorization is complete. All HTTP redirect URIs must be protected with TLS security, so the service will only redirect to URIs beginning with “https”. This prevents exposing tokens during the authorization process. (This doesn’t seem to have an impact when authenticating through the SDK and can be set to any value)
- Client Type: the type of the OAuth client can be Authorization Code, Resource Owner Password Credentials, or Client Credentials. (I have left this value empty and have been able to authenticate using OAuthPasswordGrant in the SDK)
- Users: users that have the permission to use the OAuth client. (Even with this value empty, I can still authenticate successfully)
[…] that should be made for production projects including throttling. Make sure you have your user and OAuth Client […]