A customer is looking to use middleware and API's for connecting App Broker to Cloud FNMS because their security team recommended it due to the fact that AB is on-prem and FNMS is in the cloud. Wondering if anyone has seen or done something like this before. Specifically they are looking at using Boomi to do the integration. Currently they are re-evaluating the need from a security perspective, but would like to hear from other experiences (if there are any) should they decide to use middleware for this.
‎Nov 30, 2020 03:19 PM
I don't really have any experience with Boomi, or similar "middleware", but I have to imagine that you could set this up without any special configuration in App Broker (there is none ).. The integration between FNMS and App Broker is fairly straight forward.. App Broker is basically making a web request to the Compliance API service, in order to make SOAP API calls.. The following code blurb is very similar to what App Broker is doing:
var myUri = new Uri(fullpath);
var myWebRequest = WebRequest.Create(myUri);
var myHttpWebRequest = (HttpWebRequest)myWebRequest;
myHttpWebRequest.PreAuthenticate = true;
myHttpWebRequest.Headers.Add("Authorization", "Bearer " + AccessToken);
myHttpWebRequest.Accept = "application/json";
var myWebResponse = myWebRequest.GetResponse();
var responseStream = myWebResponse.GetResponseStream();
if (responseStream == null) return null;
var myStreamReader = new StreamReader(responseStream, Encoding.Default);
var json = myStreamReader.ReadToEnd();
responseStream.Close();
myWebResponse.Close();
Where the URI (fullPath) would be something like: https://<vendorName>.flexnetmanager.com/ManageSoftServices/ComplianceAPIService/ComplianceAPIService.asmx?WSDL" And the AccessToken is that entered in App Broker...
‎Dec 02, 2020 03:29 PM
I have seen a similar request from another customer that wanted to use Boomi middleware. I'm not sure if they ended up implementing it or not. I'm not sure what value this would really provide. Please note that FNMS (in the cloud) never initiates any communication with App Broker (on-prem). Any communication between these two products is always initiated from App Broker (over HTTPS), and for the most part, is read-only (the only exception is if a license reservation is created as a result of a license check). What is the security concern they are trying to mitigate?
‎Dec 03, 2020 12:06 PM