Key Manager Authenticate (Cert)

Authenticates the API caller on the key manager using the client certificate provided in the TLS session, returning a key manager token.

Authenticate.

Based on the SSL client certificate presented by the TLS layer, authenticate the API caller and return a session token.

POSTyourkeymanagerURL-api.symphony.com/keyauth/v1/authenticate

Response

OK.

Body

namestring

The name of the header in which the token should be presented on subsequent API calls.

tokenstring

Authentication token that should be passed as header in each API rest calls. This should be considered opaque data by the client. It is not intended to contain any data interpretable by the client. The format is secret and subject to change without notice.

authorizationTokenstring

(Beta) Short lived access token built from a user session. This field is still on Beta, please continue using the returned "token" instead.

Request

const response = await fetch('yourkeymanagerURL-api.symphony.com/keyauth/v1/authenticate', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

{
  "name": "text",
  "token": "text",
  "authorizationToken": "text"
}

❗️ Key Manager Token Management
The token you receive is valid for the lifetime of a session that is defined by your pod's administration team. This ranges from 1 hour to 2 weeks.
You should keep using the same token until you receive a HTTP 401, at which you should re-authenticate and get a new token for a new session.
Datafeeds survive session expiration, you do not need to re-create your datafeed if your session expires.

🚧
Before calling the Pod endpoints, the caller must be authenticated with the pod (the dedicated Symphony cloud service) by calling the Session Authenticate endpoint, followed by this one.

To call the Key Manager Authenticate endpoint, you must provide a certificate where the Common Name of the certificate matches the username of an active Service User account on your pod.

Last updated 7 days ago