Versions Compared

Old Version 1

changes.mady.by.user Ashish Pandit

Saved on

compared with

New Version 2

changes.mady.by.user Louis Zelus

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

For now we are using client authentication only (no user name) and generating the bearer tokens manually.  Eventually we will be using the more traditional methods to generate tokens, such as sending the user to authenticate with the Key Manger or passing along the SAML Assertion.

Setup

...

  1. nLouis to provide you with consumer key and secret (there is an update needed in api mgr. Once it is done, step 1 and 2 are not required)

Code update:

  1. IN your code, capture SAML assertion once user has logged in through SSO 
  2. Get access token from authorization server by posting as shown in curl command below (Lois can probably help you more with the construct)

 

URL:

...

- Subscribe to the API & Generate Keys

To generate the token one must first subscribe, subsequently you can just "regenerate" the token.

  1. Access the API store via https://api-dev.ucsd.edu/store (for now you have to make a hosts file change to skip the LB and you have to use port 9443 for this to work.)
  2. Create and Application (or use your "default application".
  3. Select the WebReg API and subscribe your application.
  4. View your subscriptions and Generate a production key (I'm not sure if sandbox will work). 
  5. The token that is generated should be used by your code to access the API. (This token is good for an hour, you can regenerate the token when you need or we can change the duration in the DB if necessary)

Test the API with Bearer

Test that the token works and everything is wired up right by using curl.

Code Block
languagebash
 curl -H "Authorization :Bearer 441aae1cb1ad1584cec2334d61eb25b5" https://api-dev.ucsd.edu:8243/webreg/2.1.0/schedule/editEnroll

Replace the token with the bearer token you just (re)generated.  You should get a response from the WebReg api indicating "Insufficient Parameters" or something similar.

Note: if you are skipping the Load Balancer and accessing the gateway directly, curl will complain about the certificate it is using.  Switch to http on port 8280 to avoid this issue.

Request a client auth token via API

You can generate a token directly without using the web UI by using curl.

Code Block
languagebash
 curl -k -d "grant_type=password&username=admin&password=admin" -H "Authorization: Basic SkRWNHlvanZkZjV4Y1ZPZVozX2JiUGdOWUFzYTpxTU5VeHc4WGxzMDV4RXJLQk5DSjVUTG1iT3dh, Content-Type: application/x-www-form-urlencoded" http://api-dev.ucsd.edu:8280/token

Replace the token with the bearer token you just (re)gen

 

 

 

Header: key/secret in your api basic auth headers

...