Applications that use the Software Potential web services to access product, customer, license and activation information must authenticate to Software Potential using OAuth 2 Client Credentials flow. Applications authenticate with a unique ClientID and Client Secret and get an Access Token in response; this token is then used when calling the web service API.
Client Registration
To authenticate to the Software Potential, an application must be registered as a client via the Software Potential portal.
- In the main navigation menu, select Develop -> Create Clients to open a client registration page
- In the client registration page:
- Enter a unique Client Id for your application. This must be unique across all clients registered in Software Potential.
- Select one or more Scopes (APIs) for which the client is to be authorized.
- A Client Secret is automatically generated when registering a new client. You can generate a new key by clicking the Refresh button.
- Click Save button to save your new client details.
Update Client Registration
You may need to update an existing client registration e.g. to change/update the client secret or to add/remove scopes.
To update your client registration:
- In the main navigation select Develop -> Manage Clients to view the table of client registrations
- In the table of registered clients, for the client to be updated click the Edit button to edit the client details
- You can now update the Client Id, the selected Scopes, or Client Secret. Click the Refresh button to generate a new secret.
- Click Save button to save your updated client details
Disable Registered Client
When necessary you can disable a client in Software Potential so that the application cannot access the Software Potential web services.
To disable a client:
- In the main navigation select Develop -> Manage Clients to view the table of client registrations
- In the table of registered clients, for the client to be updated click the Edit button to view the client details
- Uncheck the Enable checkbox
- Click Save button to save your updated client details
API Scopes
When registering a client application with Software Potential, one or more of the following scopes must be selected, depending on which web APIs are to be accessed by the application:
- develop - access develop API e.g. to create, update and retrieve webhooks and client registrations
- issue - access issue APIs e.g. to retrieve and assign licenses
- consume - access consume APIs e.g. to retrieve and update customers
- wcf - access WCF/SOAP APIS e.g. to create, update, and retrieve licenses and activations
Application Configuration
Once you have registered your application with Software Potential you will need to configure your application to authenticate to the Software Potential web APIs using the following values copied from Software Potential registration:
- Client Id
- Client Secret
- Scopes
In addition you will need to set the Authority value to the Software Potential STS Issuer - "https://sts.softwarepotential.com"
If your application requires access to multiple web APIs (e.g. consume and issue), you need to include the corresponding scopes as a space delimited string in your application configuration. All scopes should be lower case.
STS Discovery Endpoint
The discover endpoint at: https://sts.softwarepotential.com/.well-known/openid-configuration can be used to retrieve JSON metadata document that contains most of the information a client application requires to sign in to Software Potential, including the STS Token endpoint.
Sample Application
We have sample GitHub applications that demonstrate how to authenticate to both REST and WCF web services using Client Credentials flow. These can be found at https://github.com/SoftwarePotential/samples/tree/master/Api
Comments
0 comments
Article is closed for comments.