Web Tokens
Web tokens enable two parties to transfer information securely. Applications Manager enables you to configure web tokens globally which can be used by the monitors for data collection.
Note: The Web Token authentication is currently supported only for the REST API and REST API Sequence monitors.
Creating a Web Token
Navigate to Settings → Discovery & Data Collection → Credential Settings → Web Token → Add New Web Token.
Add Web Token: Specify token details.
- Web Token name: Specify the name of the Web Token.
- Web Token endpoint URL: Specify the URL of the authentication server endpoint.
- Refresh Interval:Specify the time interval in which the Web Token should be refreshed to fetch a new Web Token.
Token Request Configuration: Specify the configuration for requesting the token.
- HTTP Method: Specify the method to be used for connecting with the Web Token endpoint URL - POST or GET. If you select POST method, you will be asked to choose the type of request data to be sent to the authentication server, under Request Body Type from the following options:
FORM: If you select this, enter the request data required to be sent to the server in the Request body field, in a line-by-line format.
Example input:
username=adminuname&password=adminpasswd
- TEXT: If you select this, enter the request data required to be sent to the server in the Request body field, in text format.
XML: If you select this, enter the request data required to be sent to the server in the Request body field, in XML format.
Example input:
<credentials>
<username>adminuname</username>
<password>adminpasswd</password>
</credentials>
JSON: If you select this, enter the request data required to be sent to the server in the Request body field, in JSON format.
Example input:
{
"username": "adminuname",
"password": "adminpasswd"
}
- HTTP Request Headers: Specify any additional headers required for the token request.
- Credentials: Specify the username and password for URLs requiring Basic/NTLM-based authentication.
- Client Certificate: Specify the client certificate required to fetch the token. Only PKCS#12(.p12) is supported.
Token Request Extraction: The token value in the response is extracted and can be further used to customize request parameters, headers, and more for other monitor types where authentication is needed in the request URI.
Response format: Specify the format in which you want to extract values from the Web Token (regular expressions, JSONPath expressions, or XPath expressions)
Note: Values present in response headers can also be read.
- Token Response Path: Specify the regular expressions, JSONPath expressions XPath expressions or response header name that contains the token. Learn more about configuring Token Response Path
Token Configuration for Monitor Data Collection:
DataCollection Request Method:Choose the method used to submit Web Tokens for authenticating API endpoints in monitors. You can use customized nomenclatures in the parameter fields.
The web token value is substituted in place of ${WebToken} in the value field.
Basic Authentication:The Web Token is sent as the request header. The bearer token must be sent in the following name-value syntax:
Authorization: Bearer ${WebToken}
URI query parameter:Web token is sent in the URI query parameter. The following syntax must be used:
token=${WebToken}
Configure Token Response Path
Given below are the various response formats you can expect from token endpoint.
Note: Token response path is the path to extract the token and Response refers to the response from the token Endpoint URL.
JSON
Sample:
{
"access_token":"XXXXXXX",
"token_type":"bearer",
"expires_in":4289,
"issued":"Mon, 20 Jun 2021 09:39:44 GMT",
"list":[
{
"tokenName":"StudentAuth",
"tokenValue":"3q898sejhg"
},
{
"tokenName":"ProfAuth",
"tokenValue":"$97q3ekh"
},
{
"tokenName":"StaffAuth",
"tokenValue":"93&3jhiudz"
}
]
}
Following are few example JSON response paths and their respective values extracted for the above sample JSON data:
| Response Path | Web Token Value |
|---|
| access_token | XXXXXXX |
| token_type | bearer |
| list | "list":[
{
"tokenName":"StudentAuth",
"tokenValue":"3q898sejhg"
},
{
"tokenName":"ProfAuth",
"tokenValue":"$97q3ekh"
},
{
"tokenName":"StaffAuth",
"tokenValue":"93&3jhiudz"
}
]
|
| list[1].tokenValue | 3q898sejhg |
| list[0].tokenName | StudentAuth |
| list[2].tokenValue | 93&3jhiudz |
XML
Sample XML:
<petstore>
<animals>
<pet id="1">
<type>Dog</type>
<name no="1">Richie</name>
<age>8</age>
</pet>
<pet id="2">
<type>Cat</type>
<name no="2">Sky</name>
<age>4</age>
</pet>
</animals>
<birds>
<bird id="1">
<name no="3">Snow</name>
<age>5</age>
</bird>
<bird id="2">
<name no="4">Ray</name>
<age>7</age>
</bird>
</birds>
</petstore>
Following are few example XPATH expressions and results for the above sample xml data:
| XPath Expression | Description | Result |
|---|
| / | Select the document node | The output will be same as the xml content given as input |
| /petstore/animals/pet | Select all the 'pet' elements, which are the direct children of 'animals' node | <pet id="1">
<type>Dog</type>
<name no="1">Richie</name>
<age>8</age>
</pet>
<pet id="2">
<type>Cat</type>
<name no="2">Sky</name>
<age>4</age>
</pet> |
| //name[@no] | Select all the 'name' elements with 'no' attribute | <name no="1">Richie</name>
<name no="2">Sky</name>
<name no="3">Snow</name>
<name no="4">Ray</name> |
| /petstore//bird[last()] | Select the last bird element | <bird id="2">
<name no="4">Ray</name>
<age>7</age>
</bird> |
| sum(//age) | Select the sum of age element values | 24 |
| string-length(//pet[1]/name) | Select the length of the first 'pet' element's name value | 6 |
| //pet[1]/name/text() | Select the textual value of first 'pet' element's name | Richie |
| count(/petstore//pet) | Select the count of 'pet' elements | 2 |
Text
The entire response is considered as the token.
Response Header
Specify the response header name in the Token Response Path which holds the actual token value.
Example response header:
HTTP/1.1 200 OK
Content-Type: application/json
tokenvalue: ebfb7ff0-b2f6-41c8-bef3-4fba17be410
In the above example, the header name tokenvalue contains the actual token value in the header response. Therefore, the input to be specified in the Token Response Path field should be tokenvalue.
Note: If two headers of the same name are present, then the last one is considered.
Thank you for your feedback!
