Authentication
Preface
For authentication against the xSuite Helix Archive API the OpenID Connect process is used. The xSuite Helix authentication endpoint is the respective Keycloak customer realm.
Note
It is assumed the API developer has prior knowledge about the OpenID Connect or OAuth protocol and how to handle the authentication flows and respective tokens.
Basic authentication process
Request token from authentication endpoint
Attach respective token to API HTTPS requests
Example
The first step is to get the tokens from token endpoint. You will need the token endpoint address and the password. Both can be requested from the consulting.
The token endpoint looks like this:
https://{helixkeycloak}/auth/realms/{customer/tenant realm}/protocol/openid-connect/token
Postman Curl request example:
curl --location --request POST 'https://{helixkeycloak}/auth/realms/{customer/tenant realm}/protocol/openid-connect/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'client_id=archive' \ --data-urlencode 'client_secret={your client secret}'
Note
Bold text in braces needs to be replaced.
After a successful request you will receive the respective tokens (refresh_token and access_token). You can then attach the access token as Bearer into the Authorization header to your subsequent API requests to gain access.
Note
The access token has a limited lifetime.