Generating an authorization token

This token can be used to access the operations of all the services like data service, catalog service, orchestrator, and archival service.

    Procedure
  1. To authorize a particular service, open the REST API home page of that service in a browser.
    Note: If the enableSecureAPI value is set as false, the authentication is bypassed, and you do not have to authorize the service. For the REST services, the authorization token is not required. However, you must provide the tenantID.
  2. Click the Authorize button.
  3. The Available authorizations window opens.

  4. Pass the following mandatory parameters:
    Authorization parameters and description
    Element Name Element Type Description
    user name String username@tenantId
    password String Existing password
    Client credentials location Select Authorization header or Request body from the dropdown options.
    client_id String as provided in Tenant Registration
    client_secret String as provided in Tenant Registration

  5. Select the read and write checkboxes as per the requirements and then click the Authorize button.
ResultAn authorization token is generated for the particular service. This token is unique and valid only for the dedicated user with tenant ID. The access token comes with an expiry.
Authorization Token APIs
Note:

  • If you use an External Auth service, then User Management and Token Generation do not work. For this, use POSTMAN as Swagger authentication does not work.

  • If you use Azure, the token is generated by Azure and not by Order Management Authorization service.

  • OIDC works only with SSL.

  • When you have chosen OIDC, Swagger cannot handle the OIDC flow.

  • In the case of OIDC, if the token is expired, it generates an error.

  • Client credentials cannot be handled via the Swagger.

Generate OAuth Token

This request is used to generate authorization OAuth token.

Method: HTTP POST method

Endpoint: http://<host_address>:<port_address>/oauth/token

Generate Authorization Header Parameters
Parameter Cardinality Description
grant_type Mandatory You can select password or refresh token.
scope Mandatory You can select read, write, or 'read write'.
refresh_token   Refresh token from previously generated token. Required only when grant_type=refresh_token
user name   Required only when grant_type=password
password   Required only when grant_type=password
tenantId   Required only when grant_type=password
Authorization Mandatory  
Content-Type Mandatory