Third-party software can access DPS data and information through authenticated API requests. Authenticating with user credentials risks exposing the user's personal password (e.g. when it is stored in a configuration file), so a Personal Access Token (also called a PAT) can be used instead.
A PAT is a long string consisting of numbers, letters and symbols that can be used as an alternative to a password, for example:
pat_bd6ed997_bc86_47af_b418_765fb001c477
A PAT is uniquely associated with the user who creates it.
Managing PATs in the DPS
PATs are created directly in the DPS, from the User Profile page. The Security tab contains the Personal Access Tokens section, where you can see the PATs already created and their status.
On a PAT row, pressing Revoke Token invalidates the token and removes the PAT. Third-party software using that PAT will no longer be able to make API calls, and a new PAT will have to be created.
By pressing the Add Token button, it is possible to create a new PAT. A dialog asks the user to provide a name, which is used to identify the created PAT.
By pressing the Save button, the PAT is created and the dialog offers a way to see and copy the token value.
Note that once the dialog is closed, there is no way to read the PAT again, for security reasons. If you lose the token, you have to create a new PAT.
PATs belong to the user who creates them, so that user is also responsible for keeping them safe.
Note that a DPS user can manage PATs only if the WRITE_PAT permission is assigned to their user type.
Authentication with PAT
To make an API request to the DPS, a JWT must first be obtained from a login endpoint.
With a PAT, use the PAT-based login endpoint instead of the standard user login endpoint:
POST https://<API_BASE_URI>/identity/users/patLogin
X-Semioty-Tenant: <TENANT_DOMAIN>

{
  "apiKey": "<API_KEY>",
  "pat": "<PAT>"
}
Note that using a PAT also requires an API key, which must be configured with the right permissions.
For more details, see the DPS API guide, where you can find an example of a Python script that uses the PAT to log in and obtain the user's identity.
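The following is an added example, not the script from the DPS API guide and not DPS project code: it builds the patLogin request shown above with the API key and PAT read from environment variables rather than a configuration file. The environment variable names, the function names and the Content-Type header are assumptions of this example; the response schema is not shown on this page, so the parsed body is returned unchanged.

```python
import json
import os
import urllib.error
import urllib.request

# Environment variable names are assumptions made for this example.
REQUIRED = ("DPS_API_BASE_URI", "DPS_TENANT_DOMAIN", "DPS_API_KEY", "DPS_PAT")


def build_pat_login_request(env=os.environ):
    """Build the patLogin POST from settings kept out of files on disk."""
    missing = [name for name in REQUIRED if not env.get(name)]
    if missing:
        # Report variable names only, never the secret values themselves.
        raise RuntimeError("missing settings: " + ", ".join(missing))
    host = env["DPS_API_BASE_URI"].strip().rstrip("/")
    if "://" in host:
        # The scheme is fixed to https below so the PAT is never sent in clear.
        raise ValueError("DPS_API_BASE_URI must not include a scheme")
    body = json.dumps({"apiKey": env["DPS_API_KEY"], "pat": env["DPS_PAT"]})
    return urllib.request.Request(
        f"https://{host}/identity/users/patLogin",
        data=body.encode("utf-8"),
        method="POST",
        headers={
            "Content-Type": "application/json",  # assumed for the JSON body
            "X-Semioty-Tenant": env["DPS_TENANT_DOMAIN"],
        },
    )


def pat_login(env=os.environ, timeout=10):
    """Send the request; the JWT field name must come from the DPS API guide."""
    try:
        with urllib.request.urlopen(build_pat_login_request(env), timeout=timeout) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        # A revoked PAT or a wrong API key ends up here; report the status only.
        raise RuntimeError(f"patLogin rejected with HTTP {err.code}") from None


if __name__ == "__main__":
    result = pat_login()
    # Print field names only so neither the PAT nor the JWT reaches the logs.
    print("login response fields:", sorted(result))
```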