I'm a beginner and require assistance with implementing authentication for a SOAP resource. Specifically, my challenge involves the use of a session ID within the SOAP header for each subsequent call I make in my app.
To provide context, here's an example of what a typical raw soap envelope of the final query similar to the type that I want to make in my app might look like:
eg.
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<UserSessionCredentials xmlns="http://www.url.net/">
<UserId>{USER_ID}</UserId>
<ClientId>{CLIENT_ID}</ClientId>
<SessionId>{SESSION_ID}</SessionId>
</UserSessionCredentials>
</soap:Header>
<soap:Body>
<GetReportData xmlns="http://www.url.net/">
<getReportRequest>
<TemplateName>{template_name}</TemplateName>
<SearchClause>{search_clause}</SearchClause>
<OrderBy>{order_by}</OrderBy>
<Columns>{columns}</Columns>
</getReportRequest>
</GetReportData>
</soap:Body>
</soap:Envelope>
I've successfully created a custom authentication flow in the resource section, where a call is made to the SOAPAction Authenticate providing a username and password. This returns a session ID.
However, I'm uncertain about how to include this session ID in the SOAP header for subsequent calls I query in my web app. I understand the process for REST API calls, where I would return the session ID I defined as a variable in the workflow in one of the headers here
But for SOAP, I'm unsure how to pass this session ID into the SOAP header, which is then used as a query in the final web app. I can't do this all in the resource section because I want the elements in the SOAP body to be selected by the user in the app. Eg. user requests a specific {template_name} {search_clause} as in the above image within certain date range, etc.
Could anyone please guide me on how to correctly implement this? Or is my approach off? What I want is a way to pass down the session id which i define in resource step to be available in the soap body of the query API call I make in my web app.
I also see I can do this all in the front-end app eg. 1) query that gets the sessionID, save this as a variable, use in subsequent queries. But this would involve making username and password visible I think?
Thanks in advance for any assistance.