Software AG Products 10.11 | Administering API Portal | Managing API Assets | API Portal Extension Points | Managing Access Tokens
 
Managing Access Tokens
This section explains how a provider registered with SMTP details can provide access tokens for the consumers.
Accessing the list of all events in the INPROGRESS status
Method: GET
EndPoint: http://<host>:<port>/abs/apirepository/v1/events?eventStatus=INPROGRESS
Publishing an access token
A provider can publish the access token for the respective access token request based on the eventId value.
Method: POST
EndPointURL: http://<host>:<port>/ abs/apirepository/v1/accesstokens?eventId=<eventId>
Sample request payload for API key
{
"name": "<application name>",
"description": "<sample desc>",
"appId": "65177516-3fd8-47ea-89b5-6d94eb2ce5c0",
"userId": "4ee9c60c-c32e-3615-83c4-5dc6822c45de",
"type": "Application",
"accessTokenDetails": [{
"type": "APIKey",
"properties": [{
"key": "apiKeyString",
"value": "97cab587-2a3c-4308-8268-b636ea1479b6"
}]
}]
}
Sample request payload for OAuth2
{
"name": "<application name>",
"description": "<sample desc>",
"appId": "51051137-2de6-44ad-98ef-f3761eb5ca59",
"userId": "4ee9c60c-c32e-3615-83c4-5dc6822c45de",
"type": "Application",
"accessTokenDetails": [{
"type": "OAuth2",
"properties": [{
"key": "clientId",
"value": "18c2190c-dc8e-449f-aa09-9cdda75bf4d0"
},
{
"key": "clientSecret",
"value": "09d37e9d-d16c-49b6-a436-64e806f188cc"
},
{
"key": "refreshCount",
"value": "0"
},
{
"key": "expiryDate",
"value": "3600"
},
{
"key": "redirect_uris",
"value": "[\"<redirect_uri endpoint>\"]"
},
{
"key": "authorization_uris",
"value": "[\"<authorization_uri endpoint>\"]"
},
{
"key": "accesstoken_uris",
"value": "[\"<accesstoken_uri endpoint>\"]"
},
{
"key": "refreshtoken_uris",
"value": "[\"<refreshtoken_uri endpoint>\"]"
}
]
}

]
}
Sample response payload for the API key once the request is processed successfully:
{
"status":"SUCCESS",
"message":"Access token created successfully!",
"accesstokenuuid":"<GUID>"
}
Renewing an access token
The renew access token request is based on the accesstokenuuid and eventId value.
Method: PUT
EndPointURL: http://<host>:<port>/ abs/apirepository/v1/accesstokens/<accesstokenuuid>?eventId=<eventId>
Request payload
{
"type":"APIKey",
"accessTokenDetails":[
{
"key":"apiKeyString",
"value":"< apiKeyString >"
},
{
"key":"expiryDate",
"value":"< expiryDate >"
}
]
}
Response payload
{
"status":"SUCCESS",
"message":"Access token renewed successfully!"
}
Revoking an access token
The revoke access token request is based on the accesstokenuuid and eventId value.
Method: DELETE
EndPointURL: http://<host>:<port>/ abs/apirepository/v1/accesstokens/<accesstokenuuid>?eventId=<eventId>
Response: 204 (No content)