Matrix42 Self-Service Help Center

Web Service API Token

Overview

API Tokens are a special Web Services authentication mechanism designed for 3rd party integration. Unlike the other authentication approaches available in UUX, such as the OAUTH 2 token, the API Token mechanism does not require End-User interaction (providing credentials to log in), which allows it to be used in background processes, e.g. for cross-process communication (example: Data Gateway communicates with SASM Services) or for interactions
 

Description  

To set up a connection with Web Services using the API token approach, a valid API token needs to be present in the System. In the Administration application, the area "Integration / Web Service Tokens" presents all the Tokens.

Run the action "Generate New Token" to issue a new API Token.

APIToken.png

Name: a unique token name used to describe the purpose of the Token.

Expires at: specifies the number of days the token stays valid. The option "Never Expires" keeps the generated token valid until the API Token is deactivated or deleted.

User: defines the Person associated with the Token. After successful authentication with the API Token, the System uses the permissions of the defined Person to authorize access to System resources.

Once the API Token is generated, the System displays the Token on the action result page.

APITokenGenerated.png

The generated Token is not stored and is available ONLY right after generation, on the action result page. Therefore it needs to be copied and saved somewhere in a secure way for continued use.


Example: Configure API Token for 3rd Party integration

Use Case: The 3rd Party application "ExternalApp" needs to be allowed to call a single Web Service method in SASM.

  1. Create a Person in SASM with the name "ExternalApp".
  2. Change the Audience of the needed Web Service Method to grant access to the "ExternalApp" user.
  3. Create an API token for the "ExternalApp" user.
  4. Use the generated Token in the external application.

Using API Token for Web Service call

The SolutionBuilder uses an Access Token to authenticate each Service request. To obtain the Access Token, the API Token has to be exchanged using a dedicated Web Service call:

POST /m42Services/api/ApiToken/GenerateAccessTokenFromApiToken/? HTTP/1.1
   Host: server.example.com
   Authorization: Bearer $ApiToken

The Access Token is issued for a short period of time, which helps mitigate the risk if the API Token has been compromised.
For more details, see the article on how to Generate and Use API token.
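
The exchange call above as a client-side sketch. This is an added example, not Matrix42 code. Assumptions: the API Token is supplied through an environment variable named M42_API_TOKEN (hypothetical name), and the response is a JSON object carrying the Access Token in a field named "RawToken" (the response body is not described on this page).

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

# Path taken verbatim from the request shown above.
EXCHANGE_PATH = "/m42Services/api/ApiToken/GenerateAccessTokenFromApiToken/?"


def load_api_token(env_var="M42_API_TOKEN"):
    """Read the long-lived API Token from the environment (hypothetical variable name)."""
    token = os.environ.get(env_var, "").strip()
    if not token:
        raise RuntimeError(f"{env_var} is not set")
    return token


def build_exchange_request(base_url, api_token):
    """Build the POST that trades the API Token for a short-lived Access Token."""
    parts = urlsplit(base_url)
    # A bearer token sent over plain HTTP is readable by anyone on the network path.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("base_url must be an absolute https:// URL")
    # Reject empty tokens and embedded whitespace (CR/LF would corrupt the header).
    if not api_token or any(c.isspace() for c in api_token):
        raise ValueError("API token is empty or contains whitespace")
    req = urllib.request.Request(
        base_url.rstrip("/") + EXCHANGE_PATH, data=b"", method="POST"
    )
    req.add_header("Authorization", f"Bearer {api_token}")
    return req


def parse_access_token(body, field="RawToken"):
    """Extract the Access Token; the JSON field name is an assumption (see lead-in)."""
    data = json.loads(body)
    token = data.get(field) if isinstance(data, dict) else None
    if not isinstance(token, str) or not token:
        # Do not include the response body in the error: it may hold secrets.
        raise ValueError("no access token in response")
    return token


def exchange(base_url, api_token, timeout=10):
    """Perform the exchange and return the Access Token (keep it in memory only)."""
    req = build_exchange_request(base_url, api_token)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_access_token(resp.read())
```

Only the short-lived Access Token should travel with the individual Service requests; the API Token is read once from its secure store and used solely for the exchange.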

 
