Breadcrumbs

PasswordCredentials

Summary

The Password Credentials Authentication allows connection to a Service through the Password grant.
This component will fetch the token and add the required Authorization Header to the requests created by the RestNetwork.
This component expects a response with a JSON body. The JSON must at least contain the "access_token" key with a String value and the "expires_in" key with a numeric value. 
Once the time given by the response through the "expires_in" key has elapsed, this component will refresh the token.
If this component was given a response with a "refresh_token" key with a numeric value, the token will be refreshed using the Refresh Token grant otherwise a new request will be sent.

image2023-1-12_17-14-40-.png

Implementation

  • Drag the authentication from the palette into the AuthenticationContainer of the Http Config.

  • Fill the fields.

  • As soon as the RestNetwork will try to send a request, the component will fetch the token and add it to the request. You can also trigger the "refreshToken" Action.

  • The authenticated field should display true if everything went well, check the station console otherwise.

(warning) Only one authentication per AuthenticationContainer is possible.

Properties

  • Authenticated: If true, indicates that an AccessToken has been successfully fetched.

  • Token: Displays the first ten letters of the token if a token was successfully fetched.

  • Scope: (optional) Scopes for the client credentials grant. It may have multiple values.

  • Audience: (optional) Audiences for the client credentials grant. It may have multiple values.

  • Timeout: The timeout on the request that will fetch the token.

  • RequestContentType: The content type of the request that will be sent to fetch the token. The standard states that x-www-form-urlencoded should be used, but many API use JSON instead.

  • ClientAuthentication: Determines whether the clientId and clientSecret are sent through the body or through a Basic auth header.

  • AccessTokenUrl: The URL to get the token.

  • ClientId: Field containing the ClientId. It is encrypted and cannot be copied with the component. 

  • ClientSecret: Field containing the ClientSecret. It is encrypted and cannot be copied with the component. 

  • Username: Field containing the Username

  • Password: Field containing the Password. It is encrypted and cannot be copied with the component. 

Actions:

  • RefreshToken: Refresh the token