1. Token Acquisition with “Manage From This Policy” Option
The ways to obtain client_id and client_secret values according to the management level of the Authentication policy are as follows:
- If Authentication Policy is Added to API Proxy: client_id and client_secret values are obtained from the “Show Proxy Key” section in the Overview section of the API Proxy.
- If Authentication Policy is Added to Proxy Group: client_id and client_secret values are obtained from the “Show Proxy Key” section in the Overview section of the API Proxy Group.
- If Authentication Policy is Added to Policy Group: client_id and client_secret values are obtained from the “Show Proxy Key” section in the Definition section of the relevant Policy Group.
1.1 Token Acquisition with JWT
If the “Manage From This Policy” option is selected in the created JWT Policy, tokens are acquired using this method. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/auth/jwt
If the Allow URL Parameters option is selected, information can be sent using GET method and URL parameters. (See the table below for parameters to be sent)
- HTTP Method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Value to Enter if “client_credentials” is Selected When Defining Policy | Value to Enter if “password” is Selected When Defining Policy |
|---|---|---|
| grant_type | client_credentials | password |
| client_id | Public Key value obtained from API Key field | Public Key value obtained from API Key field |
| client_secret | Secret Key value obtained from API Key field | “-” (dash) |
| username | This field is not added | Username of one of the records in the authentication pool you selected |
| password | This field is not added | Password of one of the records in the authentication pool you selected |
Token Refresh
If the Token Should Be Immortal option is disabled and the Token Refresh Should Be option is enabled, tokens that will become invalid after a certain period can be refreshed within the period specified in the Refreshed Token Validity Period field. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/auth/jwt
If the Allow URL Parameters option is selected, information can be sent using GET method through URL parameters. (See the table below for parameters to be sent).
- HTTP Method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Key Value |
|---|---|
| grant_type | refresh_token |
| client_id | Public Key value obtained from API Key field |
| client_secret | “-” (dash) |
| refresh_token | Value in the “refresh_token” key in the previously acquired token |
If grant_type is client_credentials
Add a JWT Authentication policy with default values. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is password
Add a JWT Authentication policy with Grant Type value Password. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is refresh_token
Add a JWT Authentication policy with refresh option enabled. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

1.2 Token Acquisition with OAuth2
If the “Manage From This Policy” option is selected in the created OAuth2 Policy, tokens are acquired using this method. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/auth/token
If the Allow URL Parameters option is selected, information can be sent using GET method and URL parameters. (See the table below for parameters to be sent)
- HTTP method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Value to Enter if “client_credentials” is Selected When Defining Policy | Value to Enter if “password” is Selected When Defining Policy |
|---|---|---|
| grant_type | client_credentials | password |
| client_id | Public Key value obtained from API Key field | Public Key value obtained from API Key field |
| client_secret | Secret Key value obtained from API Key field | Secret Key value obtained from API Key field |
| username | This field is not added | Username of one of the records in the authentication pool you selected |
| password | This field is not added | Password of one of the records in the authentication pool you selected |
Token Refresh
If the Token Should Be Immortal option is disabled and the Token Refresh Should Be option is enabled, tokens that will become invalid after a certain period can be refreshed within the period specified in the Refreshed Token Validity Period field. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/auth/token
If the Allow URL Parameters option is selected, information can be sent using GET method through URL parameters. (See the table below for parameters to be sent).
- HTTP method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Key Value |
|---|---|
| grant_type | refresh_token |
| client_id | Public Key value obtained from API Key field |
| client_secret | Secret Key value obtained from API Key field |
| refresh_token | Value in the “refresh_token” key in the previously acquired token |
If grant_type is client_credentials
Add an OAuth2 Authentication policy with default values. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is password
Add an OAuth2 Authentication policy with Grant Type value Password. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is refresh_token
Add an OAuth2 Authentication policy with refresh option enabled. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

1.3 Token Acquisition with Scope
Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/auth/jwt
- HTTP Method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Value to Enter if “client_credentials” is Selected When Defining Policy | Value to Enter if “password” is Selected When Defining Policy |
|---|---|---|
| grant_type | client_credentials | password |
| client_id | Public Key value obtained from API Key field | Public Key value obtained from API Key field |
| client_secret | Secret Key value obtained from API Key field | “-” (dash) |
| username | This field is not added | Username of one of the records in the authentication pool you selected |
| password | This field is not added | Password of one of the records in the authentication pool you selected |
| scope | Role name defined for the user | Role name defined for the user |
Defining Role for User
To define a role for the user, a new role should be added from the roles section as below and that Proxy should be added to the user from the API Proxy ACL section.
If grant_type is client_credentials
Add a JWT Authentication policy with default values. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is password
Add a JWT Authentication policy with Grant Type value Password. While doing this, copy your API Key information to use. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:


2. Token Acquisition with “Manage From ACL” Option
2.1 Token Acquisition with JWT
If the “Manage From ACL” option is selected in the created JWT Policy, tokens are acquired using this method. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/credential/jwt
If the Allow URL Parameters option is selected, information can be sent using GET method and URL parameters. (See the table below for parameters to be sent)
- HTTP Method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Value to Enter if “client_credentials” is Selected When Defining Policy | Value to Enter if “password” is Selected When Defining Policy |
|---|---|---|
| grant_type | client_credentials | password |
| client_id | Client Id value belonging to Credentials | Client Id value belonging to Credentials |
| client_secret | Client Secret value belonging to Credentials | Client Secret value belonging to Credentials |
| username | This field is not added | Username of one of the records in the authentication pool you selected |
| password | This field is not added | Password of one of the records in the authentication pool you selected |
Token Refresh
If the Token Should Be Immortal option is disabled and the Token Refresh Should Be option is enabled, tokens that will become invalid after a certain period can be refreshed within the period specified in the Refreshed Token Validity Period field. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/credential/jwt
If the Allow URL Parameters option is selected, information can be sent using GET method through URL parameters. (See the table below for parameters to be sent).
- HTTP Method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Key Value |
|---|---|
| grant_type | refresh_token |
| client_id | Client Id value belonging to Credentials |
| client_secret | Client Secret value belonging to Credentials |
| refresh_token | Value in the “refresh_token” key in the previously acquired token |
If grant_type is client_credentials
Add a JWT Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen and save default values. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is password
Add a JWT Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen, select Grant Type value as Password and save. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is refresh_token
Add a JWT Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen, enable Token Refresh option and save. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

2.2 Token Acquisition with OAuth2
If the “Manage From ACL” option is selected in the created OAuth2 Policy, tokens are acquired using this method. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/credential/token
If the Allow URL Parameters option is selected, information can be sent using GET method and URL parameters. (See the table below for parameters to be sent)
- HTTP method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Value to Enter if “client_credentials” is Selected When Defining Policy | Value to Enter if “password” is Selected When Defining Policy |
|---|---|---|
| grant_type | client_credentials | password |
| client_id | Client Id value belonging to Credentials | Client Id value belonging to Credentials |
| client_secret | Client Secret value belonging to Credentials | Client Secret value belonging to Credentials |
| username | This field is not added | Username of one of the records in the authentication pool you selected |
| password | This field is not added | Password of one of the records in the authentication pool you selected |
Token Refresh
If the Token Should Be Immortal option is disabled and the Token Refresh Should Be option is enabled, tokens that will become invalid after a certain period can be refreshed within the period specified in the Refreshed Token Validity Period field. Prepare a new HTTP request using Apinizer Test Console or another application of your choice.
- Enter the address in the following form, using your own Apinizer access address:
https://apinizerErisimAdresiniz/credential/token
If the Allow URL Parameters option is selected, information can be sent using GET method through URL parameters. (See the table below for parameters to be sent).
- HTTP method should be POST.
- “x-www-form-urlencoded” value should be selected in the Body field. If Apinizer Test Console is not used, a header should be added with “Content-Type” name and “application/x-www-form-urlencoded” value.
- The values to be entered in the Body field are as shown in the table below.
| Key Name | Key Value |
|---|---|
| grant_type | refresh_token |
| client_id | Client Id value belonging to Credentials |
| client_secret | Client Secret value belonging to Credentials |
| refresh_token | Value in the “refresh_token” key in the previously acquired token |
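
The parameter tables in sections 1.1 to 2.2 reduce to one request builder; the Python below is an added example, not Apinizer's own code. `build_token_request`, `TOKEN_PATHS`, the `manage`/`policy` labels and the sample values are assumptions made for illustration. It sends parameters only in the POST body, since query strings are commonly written to access logs, and it rejects non-HTTPS addresses.

```python
"""Build Apinizer token requests from the parameter tables on this page."""
import urllib.parse
import urllib.request

# Endpoint paths as listed on this page, keyed by (management option, policy type).
# The key labels "policy"/"acl" and "jwt"/"oauth2" are names chosen for this example.
TOKEN_PATHS = {
    ("policy", "jwt"): "/auth/jwt",
    ("policy", "oauth2"): "/auth/token",
    ("acl", "jwt"): "/credential/jwt",
    ("acl", "oauth2"): "/credential/token",
}

def build_token_request(base_url, manage, policy, grant_type, client_id,
                        client_secret=None, username=None, password=None,
                        refresh_token=None, scope=None):
    """Return a POST urllib Request whose form body follows the page's tables."""
    if not base_url.lower().startswith("https://"):
        raise ValueError("token endpoint must be reached over HTTPS")
    path = TOKEN_PATHS[(manage, policy)]
    # Per the tables, only "Manage From This Policy" + JWT sends "-" as the
    # client_secret, and only for the password and refresh_token grants.
    if (manage, policy) == ("policy", "jwt") and grant_type != "client_credentials":
        secret = "-"
    elif client_secret:
        secret = client_secret
    else:
        raise ValueError("client_secret is required for this combination")
    form = {"grant_type": grant_type, "client_id": client_id, "client_secret": secret}
    if grant_type == "password":
        if not (username and password):
            raise ValueError("password grant needs username and password")
        form.update(username=username, password=password)
    elif grant_type == "refresh_token":
        if not refresh_token:
            raise ValueError("refresh_token grant needs the earlier refresh_token")
        form["refresh_token"] = refresh_token
    elif grant_type != "client_credentials":
        raise ValueError(f"unsupported grant_type: {grant_type}")
    if scope:  # the page documents scope (a role name) only for /auth/jwt
        form["scope"] = scope
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(
        base_url.rstrip("/") + path, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})

if __name__ == "__main__":
    # Constructed sample values; nothing is sent over the network here.
    req = build_token_request("https://gateway.example", "policy", "jwt",
                              "password", "PUBLIC-KEY-PLACEHOLDER",
                              username="alice", password="example-password")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

The returned object can be passed to `urllib.request.urlopen` to perform the call against your own gateway.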
If grant_type is client_credentials
Add an OAuth2 Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen and save default values. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is password
Add an OAuth2 Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen, select Grant Type value as Password and save. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:

If grant_type is refresh_token
Add an OAuth2 Authentication policy with Manage From ACL option. Go to Token Settings panel from Credential screen, enable Token Refresh option and save. Send your token acquisition request with a message like the example below. The image containing the settings for sending a request to Token Service through Apinizer Test Console is shown below:


