1.0 Introduction
This article explains how to generate an access token using client app credentials to programmatically authenticate with Fortanix Armor solutions.
2.0 Generate an Access Token
To programmatically access Fortanix Armor solutions, you must first obtain an access token using your client app’s app_id and api_key.
This access token authorizes subsequent API calls to Fortanix Armor and Fortanix Key Insight.
Example Request:
ENCODED_CREDENTIAL=$(echo -n 'app_id:api_key' | base64)
curl -X POST \
-H "Authorization: Basic ${ENCODED_CREDENTIAL}" \
-H 'X-Csrf-Header:""' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d "grant_type=client_credentials" \
https://api.armor.fortanix.com/api/v1/iam/session/oauth2/token \
| jq -r '.access_token'app_id– The unique identifier of the client app created in Fortanix Armor IAM. The app ID is available on the client app’s details page.
Figure 1: Access client app ID
api_key– The API key generated for the client app (must be stored securely). For information on obtaining the API key from the client app, refer to Fortanix Armor Identity and Access Management (IAM).
Figure 2: Access client app API key
grant_type– Always set toclient_credentials.The Base64-encoded credential (app_id:api_key) – Used for authentication as a bearer token.
The above API returns a JSON response containing an access_token. This access token must be included in the Authorization header for all subsequent REST API calls. For information on how to use the access token in REST API calls, refer to Programmatic Access to Fortanix Key Insight APIs.
NOTE
The access token is valid for 60 seconds. After it expires, you must generate a new token to continue performing API requests.
3.0 Fortanix Armor REST APIs
For detailed information on Fortanix Armor and Fortanix Key Insight REST APIs, refer to the Fortanix Armor API documentation.