After all registration has been completed in SAM, you must get an access token for authentication before you can call the Smart APIs that hold your data. You do this with the Security Token Service, a software component that issues access tokens for authenticated users. This procedure describes how to get a token.
Separate tokens are required for the Client Backend and the Web API to enable onboarding requests. The scope key value determines the required token for each IIS application.
- Launch Postman.
- Select the POST HTTP method and in the URL of the request, type the path to the SAM server your application is configured for, using the format: https://{SAMServer}.MyDomain.com/sam/oauth/connect/token.
  For example:
  https://SAMServername.domain.com/sam/oauth/connect/token
- Click the Body tab below the URL address.
- Select the x-www-form-urlencoded content type.
- Complete the form request by providing the following key / value pairs:

  | Key | Value |
  | --- | --- |
  | grant_type | password |
  | username | |
  | password | |
  | client_id | *12345678-9ABC-DEF0-1234-56789ABCDEF0 |
  | client_secret | |
  | scope | *FEDCBA98-7654-3210-FEDC-BA9876543210 |
  | acr_values | idp:*A1B2C3D4-E5F6-9876-5432-334455FEDCBA |

  - The values shown with an asterisk are examples only. Use the same parameters you entered when you ran the AuthenticationConfiguartion.psi PowerShell script.
  - The username and password key values apply to a domain user with the needed permissions set in Smart API Manager.
  - The client_id and client_secret key values are generated during Smart Client registration within Smart API Manager.
  - The scope key value is generated during Smart API registrations of the Web API and Client Backend within Smart API Manager. It is also generated as the TokenAudience value in the results when you run the Get Description request.
  - The acr_values key value can be found in Smart API Manager Settings on the IDENTITY tab, under Identity Providers > Windows Credentials. The value must be prefixed by the string 'idp:'.

  To save time when entering the keys and their values, place the cursor in the Key field of the first row and paste the text from the Token Request keys.txt file supplied to you.
- Click Send.
- Copy the accessToken value from the response body. Do not include the double-quotes with the value.
  The access token is a long string taking up 7 or more rows of text, depending on the size of the window in Postman.
- To use the token in a request, do the following:
  - Type a new request or select an existing request.
  - Click the Header tab.
  - In the first row of the Key column, type the word Authorization.
  - In the Value field of that row, type the word 'Bearer' followed by a space, and then paste the accessToken value.
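The same request and header outside Postman, as an added example that is not part of the original page or the product's own code: it builds the form from the keys in the table, refuses a non-https endpoint because the body carries the domain password and the client secret, and turns the response into the Authorization header. The function names are hypothetical, and a JSON response body with an accessToken field is assumed from the copy step above.

```python
import json
import urllib.parse
import urllib.request

# Form keys from the table in the procedure; values come from the caller.
FORM_KEYS = ("grant_type", "username", "password", "client_id",
             "client_secret", "scope", "acr_values")


def build_token_request(token_url, username, password, client_id,
                        client_secret, scope, idp_id):
    """Build the POST that the Postman form sends (hypothetical helper)."""
    # The body carries a domain password and the client secret.
    if urllib.parse.urlsplit(token_url).scheme != "https":
        raise ValueError("token endpoint must be https")
    # acr_values needs the 'idp:' prefix; add it only when it is missing.
    acr = idp_id if idp_id.startswith("idp:") else "idp:" + idp_id
    values = ("password", username, password, client_id,
              client_secret, scope, acr)
    form = dict(zip(FORM_KEYS, values))
    missing = [key for key, value in form.items() if not value]
    if missing:
        raise ValueError("empty form values: " + ", ".join(missing))
    return urllib.request.Request(
        token_url,
        data=urllib.parse.urlencode(form).encode("ascii"),
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def bearer_header(response_body):
    """Turn the token response into the Authorization header of the last step."""
    # Assumption: the body is JSON with an accessToken string, as the page implies.
    data = json.loads(response_body)
    token = data.get("accessToken") if isinstance(data, dict) else None
    if not isinstance(token, str) or not token.strip():
        raise ValueError("response has no accessToken")
    return {"Authorization": "Bearer " + token.strip()}


def fetch_bearer_header(request):
    """Send the request; needs network access to the SAM server."""
    with urllib.request.urlopen(request, timeout=30) as response:
        return bearer_header(response.read().decode("utf-8"))
```

Pass the password and client_secret in from a prompt or a secrets store rather than writing them into the script, and keep the returned header out of logs and shared Postman collections, since it is a bearer credential.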