Authentication tokens play a vital role in securing access to web applications and services. An authentication token is a piece of data that identifies a user or an entity and verifies their identity to a system. It is used to ensure that only authorized users can access protected resources.
In this knowledge base article, we will explore what authentication tokens are and how to create them in Wyn Enterprise. Wyn Enterprise is a powerful platform for building and deploying business intelligence and data analytics solutions. It provides various features for securing access to resources, including the ability to create and manage authentication tokens.
How to create an AuthToken using API:
Creating an AuthToken for Wyn is easy. You will create an API request with details as follows:
POST {domain}/api/v2/identity/authorization-token
Body (raw JSON):
{
"User": "admin",
"Password": "admin",
"Lifetime": "36000000",
"OrganizationPath": "/",
"Language_Preference": "en-en"
}The cURL for this request is below:
curl --location --request POST 'localhost:51980/api/v2/identity/authorization-token' \
--header 'Content-Type: application/json' \
--data-raw '{
"User": "admin",
"Password": "admin",
"Lifetime": "36000000",
"OrganizationPath": "/",
"Language_Preference": "en-en"
}'The options for UserName/Password are standard, however, the other options are described here:
-
Lifetime: int // seconds, the token's lifetime, and also will use this lifetime to set the cookie's max-age.
-
OrganizaitonPath: string // Name Path, eg: '/Org1/sub1'. Use '/' to get authToken of Global.
-
Language_Preference: string // language code used to set the language preference of the user account.
An example output is below:
{
"authToken": "w6467F594s9BD3s4089s9F42s5A347BB5C105"
}Using the AuthToken
Using this token and integrating it into a URL, such as http://<domain>/integration/?authToken=<token> allows end-users to send the URL to anyone to view the data. When a user accesses this URL in the browser, the Wyn Server will exchange the AuthToken to a token and add it as a cookie to the response header. Then it will redirect this request to the URL without the AuthToken (but not changing other parts of the URL), and this action of AuthToken to token cookie conversion can only be done once. If the AuthToken has been used already, then it will be ignored.
When using the AuthToken in a URL with parameters, best practices indicate that the AuthToken should be added to the end of the URL.
Below is a diagram showing this process:
Brandon Boribong
Brandon is a Product Consultant for MESCIUS' Wyn Enterprise platform, where he works on technical demonstrations, support, and blog writing. Brandon graduated with a Bachelor's of Science in Computer Information Science and Technology from Temple University and has experience developing websites and apps, as well as client relations as a customer facing liaison. He likes to work on solving complex problems as a team and helping people achieve their goals through the use of technology. When he isn't thinking of problem solving, Brandon enjoys traveling with his wife, and going on scenic nature adventures. Brandon also loves videography and foreign cuisine.