Access-token/Admin
This API provides a signed access token using a shared secret between bridgekeeper and a third party application per integration. Once obtained, the token is valid for ten minutes. The third party application must send the token, along with the domain for which the data is requested, for accessing protected data APIs in bridgekeeper.
Requirements
- A realm should exist in bridgekeeper.
- An integration should be created for this realm with a Secret Key setup. (There is no UI to do this setup so you will require platform teams help to set it up for you.)
- A realm mapping should be created between this realm and any other realm this realm's users should have access to data for (e.g. foo.com admin would have access to foo.com frontend users)
- The integration details (integration id and secret) should be shared with the client.
Usage
You can make a GET
call to /admin/access-token/integrations/<id>?secret=<secret>
Sample CURL
curl -X GET \
http://<publisher-website-url>/api/v1/admin/access-token/integrations/<integration-id>?secret=<integration-secret> \
-H 'Host: localhost:8001'
publisher-website-url
- Website url of publisher eg: kishorealo.com
integration-id
- Id of the integration set up with bridgekeeper and third party application eg: Accesstype,Metype
Sample response with valid JWT token
Status: 200
Body: {"token": <new JWT token>}
Sample response with valid integration id but invalid secret
Status: 401
Sample response with valid secret but invalid integration id
Status: 404