Token-Based Authentication
FlexNet Operations users can use a token-based authentication mechanism to securely authorize SOAP and REST web service calls to FlexNet Operations.
In token-based authentication, the client first authenticates with their credentials. If successful, they receive an access token, which then must be included as a Bearer token in the Authorization HTTP header for subsequent requests. The access token has a limited duration and contains authorization information, but no identity information.
FlexNet Operations users manage bearer tokens using the REST web service access-token-controller. This REST web service supports creating, reading, updating, searching, rotating, and deleting tokens, as well as using the tokens to call the APIs.
Note:Tokens can also be managed using the Manage Access Tokens page in the Producer Portal or End-User Portal. For more information, see the section Managing Access Tokens in the FlexNet Operations User Guide or Managing Access Tokens in the FlexNet Operations End-User Portal Help. Both documents are available from the Revenera Documentation site.
This section covers the following:
| • | Which APIs Support Token-Based Authentication? |
| • | Key Information for the access-token-controller REST Web Service |
| • | Token Types and Their Uses |
| • | Token Attributes |
| • | Managing Tokens |