Authentication for Software Container Delivery REST API
When calling the Software Container Delivery REST API, a producer user must authenticate themselves, using the /authenticate endpoint. The FlexNet Operations producers pass their credentials to the /authenticate endpoint, which creates a JSON Web Token (JWT) that can be used to authorize access to any endpoint of the Software Container Delivery REST API. Credentials are a Base64-encoded combination of the producer’s user name and password separated by a colon (:).
The following sections describe the main steps involved in authentication:
| • | Step 1: Providing FlexNet Operations Credentials |
| • | Step 2: Providing a JWT |
Step 1: Providing FlexNet Operations Credentials
The following procedures explain how to provide credentials, including an example for each step.
To provide FlexNet Operations credentials
| 1. | Concatenate the user name and password with a single colon. |
Example: If the user name is "registryserviceuser@revenera.com" and the password is "password", the resulting concatenated string would be registryserviceuser@revenera.com:password.
| 2. | Base64 encode the concatenated user name and password. |
Example: Base64 encode the string registryserviceuser@revenera.com:password to obtain "cmVnaXN0cnlzZXJ2aWNldXNlckByZXZlbmVyYS5jb206cGFzc3dvcmQ="
| 3. | Add either "Fno" or "Basic" before the Base64-encoded string. |
Examples:
Fno cmVnaXN0cnlzZXJ2aWNldXNlckByZXZlbmVyYS5jb206cGFzc3dvcmQ=
Basic cmVnaXN0cnlzZXJ2aWNldXNlckByZXZlbmVyYS5jb206cGFzc3dvcmQ=
| 4. | Make a GET call to the /authenticate endpoint, where you add the "Authorization" key to the header of the request, with the Base64-encoded result as the value. |
Example: Add the value "Basic cmVnaXN0cnlzZXJ2aWNldXNlckByZXZlbmVyYS5jb206cGFzc3dvcmQ=" (or
"Fno cmVnaXN0cnlzZXJ2aWNldXNlckByZXZlbmVyYS5jb206cGFzc3dvcmQ=") to the Authorization header.
The response will include a JWT, which producers can use to authenticate themselves when calling any endpoint of the Software Container Delivery REST API.
When accessing any endpoint of the Software Container Delivery REST API, producers authenticate themselves by including the JWT (generated in Step 1: Providing FlexNet Operations Credentials) in the header of the request. The validity of the JWT is 60 minutes.
To provide a JWT
| 1. | Call the desired endpoint. |
| 2. | Add the "Authorization" key to the header of the request, with the JWT as the value, so that it resembles this example: |
Authorization: Bearer
eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE1NTcwOTEwOTl9.PMMvCRlOkTCtS1pDIKzEHIvEjIctvc5RrN2keQCU5AUp-tg1ekIXOOtuaHKZJEfVFdmZqvDulI47t5_vcB_VeFbl2QQirvzkrg1YHbyZMLmc_jMSSsgAqvSlaz83jOU7lJvF_bZl_xv5O3jb5MJDoD6v4Miuc-J46hJGe4UvEc