Hi,
My application is hosted on PANTARIS, I want to access the backend of my application using the REST calls from a JAVA based script, but the problem is how to authenticate to Pantaris, and get the access token for the user (as different user should have different authentication) we are refraining to use device, technical user context of login.?
Can we use Curl or some other ways to login and get the token and then use the same with all the request?( We are trying not to use browser for SSO rather, use some CLI commands and achieve the goal. )
Hi, please check the docs: Documentation | PANTARIS for the different possibilities and identities.
Have gone through the Docs but didn’t find anything suitable for my use case, w.r.t Authentication in the context of Human User - The issue is it relies on CTL that is an experimental feature.
Can you please tell me something that is specific to my use case.?
Sure, kindly share details on your usecase: What’s the purpose of accessing your api via curl for users? What’s the goal of your app?
I have an application hosted in the Pantaris, which is having a frontend, backend and DB.
The same backend API we want to use using using a script (written in core JAVA), that is supposed to hit our backend API(using CURL) and get some result, but in order to do so we need to authenticate the user and get a token, that can be sent with the request.
I want to get the token without browser intervention (like manual SSO login) and then use the token with the request.
Alright, if this is one time job, just pickup the token from the dev-tools (see linked docs previous post). If that’s sometime recurrent, register the script as “technical user” or “equipment” (see linked docs, both can have credentials or tokens for curl usage).
I have created the technical user.
Went through the docs link shared by you, but I am not getting how to proceed ahead.?
as per the image, its asking to follow Client Credintial Auth flow where can I find it?
and how to move ahead for accessing my API?
OAuth is an open standard. A search engine of your choice should find you guides matching your usecase. You will get a Bearer token during the flow, which you pass as Bearer <token> as Authorization-header to our API.
Thank you for your quick response. I have gone through the Oauth docs.
I have one query.
we need to store our client_id, client_secret in our script in order to generate the token at least for the first time?
or even if we generate the token using client_id and secret; we need to store the bearer token as a part of the script (storing it locally somewhere) for making api request, and that can be a security issue.
As the script will be a part of a repository that will be used by many user and for sure they need the bearer token to access the API.
Yes, you should never store any authorization details in a repo (no client-credentials, no tokens) etc.
If you kept it somewhere outside of PANTARIS, this is not the right place for question as we not aware of your setup.
You might want to consider moving the script (or its features) to your application or a dedicated application on PANTARIS, if you don’t have a capable environment for your script.
As per the docs to access the API, I got the calponia-token from the browser cookie and then used the same in my get request using CURL, but I am getting 401 error.
Can you please tell me If I am doing something wrong?
As using the same API from browser is giving me the expected response.
There is a space missing between Bearer and the Token
Unfortunately, with space also same error is existing.
Hm, seems Bearer tokens are not supported for accessing app-instances yet. Sorry for that, I wasn’t aware. Then I guess you have to go with devices tokens for now.
