Other

Accessing Signicat REST Services

937 views August 28, 2017 June 7, 2018 3

Overview

In order to consume Signicat REST services, a caller must first acquire an access token in order to be able to authenticate consecutive requests. The access token is retrieved using the OpenID Connect (OIDC) protocol. For more, general information about OpenID Connect, please refer to OpenID Connect.

Using the service

Required information

In order to call the OIDC endpoint, you will need:

  • Client ID
  • Client secret
  • Scope

API

Environment
Base URL
Beta https://beta.signicat.com
Preproduction https://preprod.signicat.com
Production https://id.signicat.com
Path
Verb
Content type
Header
Input
Output
/oidc/token POST application/x-www-form-urlencoded Authorization header TokenRequest TokenResponse

Authorization header

When acquiring the access token

The authentication header is your Client ID and Client secret, joined with a colon in between and then base 64 encoded. So, if your client id is

“foo” and your client secret is “bar”, then the header value is:

foo:bar -> Zm9vOmJhcg==

In your HTTP request to the /oidc/token endpoint, the following header is then added:

Authorization: Basic Zm9vOmJhcg==
When using the access token

When you’ve received the access token, you will need to apply an authorization header when doing requests to the service resources that you are using. The access token header is:

Authorization: Bearer <YOUR ACCESS TOKEN HERE>

Code examples

Example using cURL
curl -X POST "https://<ENVIRONMENT>.signicat.com/oidc/token" \
    -H "Authorization: Basic <CLIENT ID AND SECRET BASE64 ENCODED>" \
    -d "grant_type=client_credentials&scope=<SCOPE>"
Example request using Java
class TokenResponse {
    @JsonProperty("access_token")
    String accessToken;
    @JsonProperty("token_type")
    String tokenType;
    @JsonProperty("scope")
    String scope;
    @JsonProperty("expires_in")
    int expiresIn;
}
    private static String getToken(CloseableHttpClient httpClient, String
            scope) {
        ObjectMapper mapper = new ObjectMapper();
        try {
            HttpPost auth = new HttpPost(OIDC_URL);
            Header authenticationHeader = new BasicScheme().authenticate(
                    new UsernamePasswordCredentials(CLIENT_ID, CLIENT_SECRET),
                    auth, null);
            auth.addHeader(authenticationHeader);
            List<NameValuePair> nvps = new ArrayList<NameValuePair>()
            nvps.add(new BasicNameValuePair("grant_type",
                    "client_credentials"));
            nvps.add(new BasicNameValuePair("scope", scope));
            auth.setEntity(new UrlEncodedFormEntity(nvps,
                    StandardCharsets.UTF_8));
            TokenResponse tokenResponse = null;
            try (CloseableHttpResponse response = httpClient.execute(auth)) {
                tokenResponse =
                        mapper.readValue(EntityUtils.toString(response.getEntity(),
                                StandardCharsets.UTF_8), TokenResponse.class);
                return tokenResponse.getAccessToken();
            } catch (ParseException | IOException e) {
                e.printStackTrace();
            }
        } catch (AuthenticationException e) {
            e.printStackTrace();
        }
        return null;
    }

Messages

TokenRequest

Name
Type
Description
Scope String The requested scope.
GrantType String The string “client_credentials”.

TokenResponse

Name
Type
Description
AccessToken String The access token.
TokenType String The string “Bearer”.
Scope String The requested scope.
ExpiresIn Long Millseconds until the access token expires unless refreshed.

Was this helpful?