Help Center/ Cognitive Engagement Center/ API Reference/ Case2.0 Interface Reference/ Authentication Machine-Machine Interface/ Authentication Machine-Machine Interface (SaaS Integrated Deployment)
Updated on 2025-03-31 GMT+08:00

Authentication Machine-Machine Interface (SaaS Integrated Deployment)

Prerequisites

In the integration environment, for example, in the public cloud environment, sign in to a tenant space as a tenant administrator and visit https://Domain name/baas/auth/v1.0/idp?client-name=Tenant administrator account name&redirect=/studio/index.html to switch to AppCube.

Procedure

  1. Choose User and Profile > Users and click New to create a machine-machine user. Set User Type to Machine User and Profile to OpenApi, set other required parameters, and click Save.

  2. Choose System Management > OAuth, click New, set Name to a customized name and User to the user created in step 1, and click Save.

  1. On the OAuth Manager page, click corresponding to the new authentication record, download the key file to the local PC, and obtain the authentication client ID and authentication key from the file.

    The name of the key file downloaded to the local PC is Authentication name.csv. The file contains the following parameters:
    • username: user created in step 1
    • client_id: authentication client ID
    • client_secret: authentication key

  2. Invoke the authentication interface.

    Invoke the /baas/auth/v1.0/oauth2/token interface to obtain the value of access_token based on the authentication ID and key.
    Table 1 Basic interface information

    Interface

    URL

    Protocol

    Method

    token

    /baas/auth/v1.0/oauth2/token

    HTTPS

    POST

    Table 2 Request parameters

    Parameter

    Type

    Mandatory (M)/Optional (O)

    Position

    Description

    Setting

    grant_type

    String

    M

    Body

    Authorization mode, which corresponds to the value of grant_type in OAuth 2.0.

    Set this parameter to client_credentials, indicating the client mode.

    client_id

    String

    M

    Body

    Authentication client ID.

    Set this parameter to the value obtained in step 4.

    client_secret

    String

    M

    Body

    Authentication key.

    Set this parameter to the value obtained in step 4.

    Table 3 Response parameters

    Parameter

    Type

    Position

    Description

    access_token

    String

    Body

    Access token. The third-party system needs to use this access token to access business interfaces later.

    expires_in

    Number

    Body

    Access token hold duration.

    token_type

    String

    Body

    Access token type.

Example

Scenario: Obtain an access token to access machine-machine interfaces.

URL: https://Domain name/baas/auth/v1.0/oauth2/token

  • Request header
{
    "grant_type":"client_credentials"
    "client_id":"************************"
    "client_secret":"**************************"
}
  • Response
{
     "access_token": "ACCESS_TOKEN",
     "expires_in": 7200,
     "token_type": "Bearer" 
}

The access token returned in the response is used to access machine-machine interfaces.