APIs

token

URI

http://{Keycloak server}:{Keycloak port}/auth/realms/imanager/protocol/openid-connect/token

Supported Methods

POST

Introduction

Gets Token according to account information.

Supported representation format: JSON.

HTTP Request Method

An HTTP request is performed on the following URI. Here we take JSON output format for illustration. {Keycloak server} is the server name of Keycloak, you need to replace by the actual server IP; {Keycloak port} is the port number of Keycloak, you need to replace by the actual port.

http://{Keycloak server}:{Keycloak port}/auth/realms/imanager/protocol/openid-connect/token

Post Request

Gets Token according to account information.

Headers Format

Content-Type: application/x-www-form-urlencoded

Host: {Keycloak server}:{Keycloak port}

Request Params

Transmit the following parameters in the body when getting token:

Name Type Explanation
client_id String Product name('imanager' is the fixed parameter)
username String Username
password String Password
grant_type String Type obtained('password' is the fixed parameter)

Response Structure

Name Explanation
access_token The token for access
expires_in The expired time of the access_token
refresh_expires_in The expired time of the refresh_token
refresh_token Used for refresh the token when the token is expired
token_type The type of the token

Response Case

Execute POST request for token resource. URL: http://192.168.17.139:30474/auth/realms/imanager/protocol/openid-connect/token.

Headers:

Content-Type: application/x-www-form-urlencoded
Host: 192.168.17.139:30474

Body:

client_id=imanager&username=admin&password=admin&grant_type=password

Returned response:

{
"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0MoHKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q",
"expires_in":300,
"refresh_expires_in":1800,
"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2MTRkMDkwZi0wMDYzLTRmNWQtYWJkNy03NjExMDViOGFjZDAifQ.eyJqdGkiOiI0Y2YzMzBiMS1mYjA0LTQzOTMtYTAyMy1kZWRhY2UzYjAxMDUiLCJleHAiOjE1NTE4NjY1MDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IlJlZnJlc2giLCJhenAiOiJpbWFuYWdlciIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6ImVhMzU2ZDJjLTljNjEtNDkxNC05N2RmLWQ2NjQwMjA2MDVhMCIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.wYCP_SBRaMILwFHr63vudKASt7KV9eBHzQMet3XPUFw",
"token_type":"bearer",
"not-before-policy":0,
"session_state":"0dd081f8-caaf-4c3c-8f5e-d45f707f5569",
"scope":"email profile"
}

If the returned response you get was same as the example, you have got the token successfully, the token is the content in ‘access_token’. You can use the token to visit SuperMap iManager.

How to use token

After getting the access_token by POST request, execute the resource request, take http://{iManager server}:{iManager port}/imanager/dashboard/web/api/alert/problem as an example. There are three methods to achieve resource request, they are Authroization Header, Form-Encoded Body Parameter, and URI Query Parameter. The three methods decrement by priority.

Notes:

  1. The expiration time of access_token is 5 minutes. If the token was expired, used refresh_token to get the new token(the expiration time of refresh_token is 30 minutes), or reacquire the access_token.
  2. {iManager server} and {iManager port} in the URL are the IP and port number of iManager.(The IP and port number you used when getting token was the Keycloak’s IP and port)

Authorization Header

The format of Headers:

GET {resource} HTTP/1.1

Host:server:port
Authorization: Bearer {access_token}

Example:

GET http://192.168.17.139:31100/imanager/dashboard/web/api/alert/problem HTTP/1.1

Host: 192.168.17.139:31100

authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0Mo`HKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q`

The returned response in json format:

{
  "number":0,
  "from":0,
  "to":0
}

Form-Encoded Body Parameter

Use this method when the client does not support the method Authorization Header.

The format of Headers:

POST {resource} HTTP/1.1

Host: {server}:{port}
Content-Type: application/x-www-form-urlencoded

The format of Body:

access_token={access_token}

Notes:
Form-Encoded Body Parameter does not support GET request, the request body must follow the application/x-www-form-urlencoded coding, separate the parameters by symbol ’&‘.

URI Query Parameter

Use this method when both of Authorization Header and Form-Encoded Body Parameter could not request.

The format of Headers:

GET {resource}?access_token={access_token} HTTP/1.1

Host: {serer}:{port}
Cache-Control: no-store

Example:

Get http://192.168.17.139:31100/imanager/dashboard/web/api/alert/problem?access_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0MoHKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q HTTP/1.1

Host: 192.168.17.139:31100
Cache-Control: no-store

The returned rensponse in json format:

{
   "number":0,
   "from":0,
   "to":0
}