Qodex.ai

Issues multiple technical tokens to access customer IoT data.

POST {{baseUrl}}/oauthTokens

Returns a technical user access token for each user tenant ID specified in the request body. A maximum of 2 access tokens can be requested in one call.

The operation can be used by operator and developer tenants. Custom authentication is required, as described in detail at paramter X-SPACE-AUTH-KEY.

  • When a developer tenant has hosted an app and a token has to be issued for the developer tenant, then the values of 'userTenant' and hostTenant' should both be equal to the developer tenant ID in the request payload.
  • When an operator tenant has hosted an app and a token has to be issued for the operator tenant, then the values of 'userTenant' and hostTenant' should both be equal to the operator tenant ID in the request payload.
  • When an operator tenant has hosted an app and provisioned it to another tenant and a token is to be issued for the provisioned tenant, then the value of the 'hostTenant' should be equal to operator tenant ID and the value of 'userTenant' should be equal to the provisioned tenant's ID in the reqeust payload.

Request Body

{"appName"=>"<string>", "appVersion"=>"<string>", "hostTenantId"=>"<string>", "userTenantIds"=>["<string>", "<string>"]}

HEADERS

KeyDatatypeRequiredDescription
X-SPACE-AUTH-KEYstring(Required) Is used as authentication information for this operation. The value of this header must be constructed according to basic authentication as
  Basic Base64(&quot;clientID:clientSecret&quot;)

where Base64(.) must be replaced by the Base64 encoded string of its argument string, including the separator colon. clientID and clientSecret can be obtained from the environment variables of a MindSphere CloudFoundry application, where the relation from environment variable to client credentials is given by

  MDSP_KEY_STORE_CLIENT_ID     --&gt; clientID
  MDSP_KEY_STORE_CLIENT_SECRET --&gt; clientSecret

| | Content-Type | string | | | | Accept | string | | |

RESPONSES

status: OK

{&quot;oauthTokens&quot;:[{&quot;userTenantId&quot;:&quot;testusertenant1&quot;,&quot;token&quot;:{&quot;access_token&quot;:&quot;eyJhbGciOi...&quot;,&quot;token_type&quot;:&quot;bearer&quot;,&quot;timestamp&quot;:-35584099.32835489,&quot;expires_in&quot;:1799,&quot;scope&quot;:&quot;cst.r uts.su im.usr.r em.rep.r tm.st.r tm.t.r agm.r iam-action.client_credentials.tenant-impersonation uts.ri asm.r atm.r uts.rc uaa.offline_token emds.ent.r asm.rep.r iam-action.client_credentials.user-impersonation mdsp:core:Admin3rdPartyTechUser&quot;,&quot;jti&quot;:&quot;b019ceb63513456c88f2d67c0e92d35b&quot;}},{&quot;userTenantId&quot;:&quot;testusertenant1&quot;,&quot;token&quot;:{&quot;access_token&quot;:&quot;eyJhbGciOi...&quot;,&quot;token_type&quot;:&quot;bearer&quot;,&quot;timestamp&quot;:-36144089.45944354,&quot;expires_in&quot;:1799,&quot;scope&quot;:&quot;cst.r uts.su im.usr.r em.rep.r tm.st.r tm.t.r agm.r iam-action.client_credentials.tenant-impersonation uts.ri asm.r atm.r uts.rc uaa.offline_token emds.ent.r asm.rep.r iam-action.client_credentials.user-impersonation mdsp:core:Admin3rdPartyTechUser&quot;,&quot;jti&quot;:&quot;b019ceb63513456c88f2d67c0e92d35b&quot;}}]}