Authentication

To ensure secure access to the Partner Services API, all requests must be authenticated. This guide provides instructions on how to authenticate your requests.

We are using standarized OAuth2 client credential flow to authenticate client applications

Register Your Application

Contact Knowit to get a client_id and client_secret.

Request an Access Token

Make a POST request to the token endpoint:
```
POST https://<keycloak-domain>/auth/realms/<realm-name>/protocol/openid-connect/token
```
Include the following parameters:
- grant_type=client_credentials
- client_id=YOUR_CLIENT_ID
- client_secret=YOUR_CLIENT_SECRET

Example: Retrieving Access Token

Here’s an example using curl:

curl -X POST https://<keycloak-domain>/auth/realms/<realm-name>/protocol/openid-connect/token \
     -d 'grant_type=client_credentials' \
     -d 'client_id=YOUR_CLIENT_ID' \
     -d 'client_secret=YOUR_CLIENT_SECRET'

Making Authenticated Requests

Include the access token in the Authorization header for API requests:

Authorization: Bearer YOUR_ACCESS_TOKEN

Example: Making an Authenticated Request

Here’s an example of a GET request to retrieve an application by its ID using .NET:

using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;

namespace PartnerServicesApiExample
{
    class Program
    {
        private static readonly HttpClient client = new HttpClient();

        static async Task Main(string[] args)
        {
            var accessToken = "YOUR_ACCESS_TOKEN"; // Replace with your actual access token
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

            var applicationId = 123; // Example application ID
            var response = await client.GetAsync($"https://api.partner-services.com/application/{applicationId}");

            if (response.IsSuccessStatusCode)
            {
                var responseData = await response.Content.ReadAsStringAsync();
                Console.WriteLine(responseData);
            }
            else
            {
                Console.WriteLine($"Error: {response.StatusCode}");
                var errorData = await response.Content.ReadAsStringAsync();
                Console.WriteLine(errorData);
            }
        }
    }
}

Error Handling

Handle errors by checking response status codes and printing error details if the request fails.

Best Practices for OAuth 2.0 Security

Keep Credentials Secure: Store client secrets securely and never expose them in client-side code.
Use Environment Variables: Store credentials in environment variables or secure vaults.
Regularly Rotate Secrets: Periodically regenerate client secrets to reduce the risk of compromise.
Monitor Usage: Track API usage to detect unusual activity.

By following these guidelines, you can securely and efficiently access the Partner Services API using Keycloak's OAuth 2.0 client credentials flow.

PreviousGetting started NextEndpoints

Last updated 1 year ago

hashtagRegister Your Application

hashtagRequest an Access Token

hashtagExample: Retrieving Access Token

hashtagMaking Authenticated Requests

hashtagExample: Making an Authenticated Request

hashtagError Handling

hashtagBest Practices for OAuth 2.0 Security