Accessing the API

Last modified: Jun 20, 2019 @ 11:06

Accessing the API using the GUI

A key is necessary to access the Admin API. This section provides instructions on how to create a key for the Admin API.

  1. Click the drop-down arrow on the Settings button.
  2. Select API Keys. The API Keys page is displayed.
  3. Click +Create. The API Keys setup window opens.
  4. In the Name field, enter a name for the key.
  5. In the Expiration Date field, edit the default expiration date if needed.
  6. In the Roles section, click to place a check mark in the box to assign a role to the key.

Note: Only user accounts with the selected roles can access the API Key. Select as many as needed.

  1. Click Save. A message confirms that the operation was successful. The new key is automatically generated. The API Keys setup window closes, and the new API key appears in the list.

Accessing the GUI using the IoT Accelerator

To be able to access an API of an IoT Accelerator service, an API call from a client application needs to include the following:

  • An access token, used as the authentication header of the API call
  • The relevant API endpoint URL
  • X-DeviceNetwork header

Access Token for Basic Authentication

If the application uses basic authentication, the authorization header corresponds to the relevant IoT Accelerator project and can be shown in the Basic info tab of the relevant IoT Accelerator project. Click on the Show API authorization header button to reveal the access token.
Access Token for Basic Authentication

Access Token for OIDC Authentication 

If the application uses Open ID Connect authentication, the access token must be fetched by the application from the authorization server. Fetching the token is done through an API request using basic authentication: the OIDC authorization endpoint and the corresponding OIDC authorization header are shown in the Basic info tab of the relevant IoT Accelerator project.
Access Information for OIDC

The application first requests an access token from the Identity and Access Management solution of IoT Accelerator, then use this access token in the API call towards the API gateway provided by API Management. The response contains the access token and additional information, for example, token expiry time, refresh token, scope of authentication, and so on. The application uses the received information in the API call towards API Management.

Fetching and Using the Access Token through OIDC

API Endpoint URLs

In IoT Accelerator, the URL to access an API endpoint consists of parts that can be found on the API Documentation page.

Parts of an Endpoint URL

Resource URL

The API gateway address, which is added in the input box at the top right, can be used as resource URL.

When navigating to the API Documentation page from the IoT Accelerator Portal, the API gateway address is already specified.

Resource path

The resource path of an API is specified below the list of API resources.

API endpoint

The identities of API endpoints are listed under each API resource.