APIs
token
URI
http://{Keycloak server}:{Keycloak port}/auth/realms/imanager/protocol/openid-connect/token
Supported Methods
POST
Introduction
Gets Token according to account information.
Supported representation format: JSON.
HTTP Request Method
An HTTP request is performed on the following URI. Here we take JSON output format for illustration. {Keycloak server}
is the server name of Keycloak, you need to replace by the actual server IP; {Keycloak port}
is the port number of Keycloak, you need to replace by the actual port.
http://{Keycloak server}:{Keycloak port}/auth/realms/imanager/protocol/openid-connect/token
Post Request
Gets Token according to account information.
Headers Format
Content-Type: application/x-www-form-urlencoded
Host: {Keycloak server}
:{Keycloak port}
Request Params
Transmit the following parameters in the body when getting token:
Name | Type | Explanation |
---|---|---|
client_id | String | Product name('imanager' is the fixed parameter) |
username | String | Username |
password | String | Password |
grant_type | String | Type obtained('password' is the fixed parameter) |
Response Structure
Name | Explanation |
---|---|
access_token | The token for access |
expires_in | The expired time of the access_token |
refresh_expires_in | The expired time of the refresh_token |
refresh_token | Used for refresh the token when the token is expired |
token_type | The type of the token |
Response Case
Execute POST request for token resource. URL: http://192.168.17.139:30474/auth/realms/imanager/protocol/openid-connect/token
.
Headers:
Content-Type: application/x-www-form-urlencoded
Host: 192.168.17.139:30474
Body:
client_id=imanager&username=admin&password=admin&grant_type=password
Returned response:
{
"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0MoHKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q",
"expires_in":300,
"refresh_expires_in":1800,
"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2MTRkMDkwZi0wMDYzLTRmNWQtYWJkNy03NjExMDViOGFjZDAifQ.eyJqdGkiOiI0Y2YzMzBiMS1mYjA0LTQzOTMtYTAyMy1kZWRhY2UzYjAxMDUiLCJleHAiOjE1NTE4NjY1MDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IlJlZnJlc2giLCJhenAiOiJpbWFuYWdlciIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6ImVhMzU2ZDJjLTljNjEtNDkxNC05N2RmLWQ2NjQwMjA2MDVhMCIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.wYCP_SBRaMILwFHr63vudKASt7KV9eBHzQMet3XPUFw",
"token_type":"bearer",
"not-before-policy":0,
"session_state":"0dd081f8-caaf-4c3c-8f5e-d45f707f5569",
"scope":"email profile"
}
If the returned response you get was same as the example, you have got the token successfully, the token is the content in ‘access_token’. You can use the token to visit SuperMap iManager.
How to use token
After getting the access_token by POST request, execute the resource request, take http://{iManager server}:{iManager port}/imanager/dashboard/web/api/alert/problem
as an example. There are three methods to achieve resource request, they are Authroization Header, Form-Encoded Body Parameter, and URI Query Parameter. The three methods decrement by priority.
Notes:
- The expiration time of access_token is 5 minutes. If the token was expired, used refresh_token to get the new token(the expiration time of refresh_token is 30 minutes), or reacquire the access_token.
{iManager server}
and{iManager port}
in the URL are the IP and port number of iManager.(The IP and port number you used when getting token was the Keycloak’s IP and port)
Authorization Header
The format of Headers:
GET {resource}
HTTP/1.1
Host:server:port
Authorization: Bearer {access_token}
Example:
GET http://192.168.17.139:31100/imanager/dashboard/web/api/alert/problem
HTTP/1.1
Host: 192.168.17.139:31100
authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0Mo`HKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q`
The returned response in json format:
{
"number":0,
"from":0,
"to":0
}
Form-Encoded Body Parameter
Use this method when the client does not support the method Authorization Header.
The format of Headers:
POST {resource}
HTTP/1.1
Host: {server}:{port}
Content-Type: application/x-www-form-urlencoded
The format of Body:
access_token={access_token}
Notes:
Form-Encoded Body Parameter does not support GET request, the request body must follow the application/x-www-form-urlencoded coding, separate the parameters by symbol ’&‘.
URI Query Parameter
Use this method when both of Authorization Header and Form-Encoded Body Parameter could not request.
The format of Headers:
GET {resource}
?access_token={access_token}
HTTP/1.1
Host: {serer}:{port}
Cache-Control: no-store
Example:
Get http://192.168.17.139:31100/imanager/dashboard/web/api/alert/problem?
access_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlWVE3WDVFaGMxeV9mbUl5RGtoZEhFejlxSjNPYWp1enR3RG9ybW8zaGFnIn0.eyJqdGkiOiIyMjA0ODNiMi05OGZjLTRmZDYtYmY2ZS1mOTkxYmE2NTAwZGYiLCJleHAiOjE1NTE4NjUwMDEsIm5iZiI6MCwiaWF0IjoxNTUxODY0NzAxLCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xNy4xMzk6MzA0NzQvYXV0aC9yZWFsbXMvaW1hbmFnZXIiLCJhdWQiOiJpbWFuYWdlciIsInN1YiI6ImJkYTBlYmY1LWE3OGEtNDljMS05M2NkLWIyN2FhN2E2MzkxYyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImltYW5hZ2VyIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiZWEzNTZkMmMtOWM2MS00OTE0LTk3ZGYtZDY2NDAyMDYwNWEwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VycyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImlzZXJ2ZXItMTQiOnsicm9sZXMiOlsiQURNSU4iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJsb2NhbGUiOiJ6aC1DTiJ9.ej6Ct3oY7EJaaqIGltaJeyBlyC6lbo7ovQ6Hj6s9VSLPweoA7ugz5EGJiFdKcUojYen_RpdHSYsrwuFtYVEu9iTLDVdnxqmpGon90_XsuyA0TQEj9nJQ7IU7WaaqeHdSDMwA7m-QZHXZ0hkURyun18uTcp6JqkXWrynT9_wZZqe_ICpAUxsNUx4p3rBxxt6dlNmvPOLoqv8SIs9_wpJ0MoHKZ0RLR0Fwr14eHcCIHwgleMcOKqMHwCE_GmIVEvgZbO-SiaZQ6Vv4aP670FB_1DnEwqperTeFxpKQLdDfjOe-xF82DaNqBufAdm7FyG4OPc991ixm33fM8Yl-lmTM-Q HTTP/1.1
Host: 192.168.17.139:31100
Cache-Control: no-store
The returned rensponse in json format:
{
"number":0,
"from":0,
"to":0
}