Generating an authorization token

This token can be used to access the operations of all the services like data service, catalog service, orchestrator, and archival service.

    Procedure
  1. To authorize a particular service, open the REST API home page of that service in a browser.
    Note: If the enableSecureAPI value is set as false, the authentication is bypassed, and you do not have to authorize the service. For the REST services, the authorization token is not required. However, you must provide the tenantID.
  2. Click the Authorize button.

    3. The Available authorizations window opens.

  3. Pass the following mandatory parameters:
    Authorization parameters and description
    Element Name Element Type Description
    username String username@tenantId
    password String Existing password
    Client credentials location Select Authorization header or Request body from the drop-down options.
    client_id String as provided in Tenant Registration
    client_secret String as provided in Tenant Registration

  4. Select the read and write checkboxes as per the requirements and then click the Authorize button.
ResultAn authorization token is generated for the particular service. This token is unique and valid only for the dedicated user with tenant ID. The access token comes with an expiry.
Authorization Token APIs
Note:

  • If you use an External Auth service, then User Management and Token Generation do not work. For this, use POSTMAN as Swagger authentication does not work.

  • If you use Azure, the token is generated by Azure and not by Order Management Authorization service.

  • OIDC works only with SSL.

  • When you have chosen OIDC, Swagger cannot handle the OIDC flow.

  • In the case of OIDC, if the token is expired, it generates an error.

  • Client credentials cannot be handled via the Swagger.

Generate Authorization Header

This request is used to generate the authorization header for OAuth token endpoint.

Method: HTTP GET method

Endpoint: http://<host_address>:<port_address>/v1/generateAuthHeader

Generate Authorization Header Parameters
Parameter Cardinality Description
client_id Mandatory as provided in Tenant Registration
client_secret Mandatory as provided in Tenant Registration

Generate OAuth Token

This request is used to generate authorization OAuth token.

Method: HTTP POST method

Endpoint: http://<host_address>:<port_address>/oauth/token

Generate Authorization Header Parameters
Parameter Cardinality Description
grant_type Mandatory You can select password or refresh token.
scope Mandatory You can select read, write, or 'read write'.
refresh_token   Refresh token from previously generated token. Required only when grant_type=refresh_token
username   Required only when grant_type=password
password   Required only when grant_type=password
tenantId   Required only when grant_type=password
Authorization Mandatory  
Content-Type Mandatory