JWT Authentication in Reporting API

In the Reporting API, we have introduced JWT (JSON Web Token) based authentication to reduce the risk of security breaches. To authenticate using JWTs, you must enable the following key in web.config. If the key is set to 'False', the API authenticates based on the API key. The JWT configuration consists of a secret key, which cannot be changed, and an expiry key (in minutes), which you can set based on your requirements.

Key: <add key="JWT: EnableToken" value="True"/>

We have introduced two new APIs:

Generate Token

The Generate Token API enables you to generate authentication tokens that provide a secure path to access restricted applications. This API does not have a payload; you must enter the following required details to generate the API token.

  • Type
  • Key
  • Value

To generate a JWT token, perform the following steps:

  1. Open the Postman application (you can use any application to get API response).

  2. Select HTTP Method as GET.

  3. Click the Authorization tab and enter the details described in the following table.
    The Postman details screen is displayed.

    Figure: Postman – Details

    | Field  | Description |
    |--------|-------------|
    | Type   | Select API Key from the list. |
    | Key    | Type APIKEY into the text box. |
    | Value  | Enter the standard API key from the Summit application. |
    | Add to | Select Header from the list. |

  4. Click Send.
    The generated token is displayed with its expiry timestamp in seconds.


    Figure: Generate Token


Validate Token

The Validate Token API enables you to validate the generated authentication token. It verifies the token and provides reliable and secure authentication validation.

Enter the following required details to validate token:

  • Type
  • Token

The token is validated, and the message in the response is Valid.

To validate a JWT token, perform the following steps:

  1. Open the Postman application (you can use any application to get API response).

  2. Select HTTP Method as GET.

  3. Click the Authorization tab and enter the details described in the following table.
    The Postman details screen is displayed.

    Figure: Postman - Details

    | Field | Description |
    |-------|-------------|
    | Type  | Select Bearer Token from the list. |
    | Token | Enter the generated token from the GenerateToken API. |

  4. Click Send.
    A message is displayed indicating whether the token is valid or not.

    Note: The authentication process of the existing getdnSchema API is changed.
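
The two Postman procedures above, scripted in Python as an added example (this is not code from the Summit documentation). The endpoint URLs are hypothetical placeholders because the page does not list them; the HTTPS-only check, the whitespace check, and the log redaction are additions of this example.

```python
import urllib.request
from urllib.parse import urlsplit

# Hypothetical placeholders: the page does not list the endpoint URLs.
GENERATE_URL = "https://summit.example.invalid/reporting-api/GenerateToken"
VALIDATE_URL = "https://summit.example.invalid/reporting-api/ValidateToken"
SECRET_HEADERS = {"apikey", "authorization"}


def https_get(url, headers):
    """Build a GET request with no payload; refuse anything but HTTPS."""
    if urlsplit(url).scheme != "https":
        raise ValueError("credentials must only be sent over https")
    return urllib.request.Request(url, headers=headers, method="GET")


def checked(secret, what):
    """Reject empty values and whitespace, which would corrupt the header line."""
    if not secret or any(c.isspace() for c in secret):
        raise ValueError(what + " is empty or contains whitespace")
    return secret


def generate_token_request(api_key, url=GENERATE_URL):
    # Postman: Type = API Key, Key = APIKEY, Value = <api key>, Add to = Header.
    # urllib stores the name as "Apikey"; HTTP header names are case-insensitive.
    return https_get(url, {"APIKEY": checked(api_key, "API key")})


def validate_token_request(token, url=VALIDATE_URL):
    # Postman: Type = Bearer Token, i.e. "Authorization: Bearer <token>".
    return https_get(url, {"Authorization": "Bearer " + checked(token, "token")})


def loggable(req):
    """Describe a request for logs with credential header values masked."""
    headers = {name: "<redacted>" if name.lower() in SECRET_HEADERS else value
               for name, value in req.header_items()}
    return {"method": req.get_method(), "url": req.full_url, "headers": headers}


def send(req, timeout=10):
    """Send the request and return the response body as text."""
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(loggable(generate_token_request("constructed-api-key")))
    print(loggable(validate_token_request("constructed.jwt.value")))
```

Pass the request from `generate_token_request` to `send` to obtain the token, then pass that token to `validate_token_request`; log only the output of `loggable`, never the request headers themselves.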