Web Tokens


Web tokens enable two parties to transfer information securely. Applications Manager lets you configure web tokens globally so that monitors can use them for data collection.

Note: Web Token authentication is currently supported only for the REST API and REST API Sequence monitors.

Creating a Web Token:

Navigate to Settings > Discovery & Data Collection > Credential Settings > Web Token > Add New Web Token.

Add Web Token: Specify token details.

  • Web Token name: Specify the name of the Web Token.
  • Web Token endpoint URL: Specify the URL of the authentication server's endpoint.
  • Refresh Interval: Specify the time interval at which the Web Token should be refreshed to fetch a new Web Token.

Token Request Configuration: Specify the configuration for requesting the token.

  • HTTP Method: Specify the method used to connect to the Web Token endpoint URL: POST or GET. If you select POST, choose the type of request data to send to the authentication server under Request Body Type, from the following options:
    • FORM: If you select this, enter the request data required to be sent to the server in the Request body field, in a line-by-line format.
      Example input:

      username=adminuname&password=adminpasswd

    • TEXT: If you select this, enter the request data required to be sent to the server in the Request body field, in text format.
    • XML: If you select this, enter the request data required to be sent to the server in the Request body field, in XML format.
      Example input:

      <credentials>
      <username>adminuname</username>
      <password>adminpasswd</password>
      </credentials>

    • JSON: If you select this, enter the request data required to be sent to the server in the Request body field, in JSON format.
      Example input:

      {
        "username": "adminuname",
        "password": "adminpasswd"
      }

  • HTTP Request Headers: Specify any additional headers required for the token request.
  • Credentials: Specify the username and password for URLs requiring Basic/NTLM-based authentication.
  • Client Certificate: Specify the client certificate required to fetch the token. Only PKCS#12 (.p12) is supported.

Token Request Extraction: The token value in the response is extracted and can be further used to customize request parameters, headers, and more for other monitor types where authentication is needed in the request URI.

  • Response format: Specify the format used to extract values from the Web Token response (regular expressions, JSONPath expressions, or XPath expressions).

    Note: Values present in response headers can also be read.

  • Token Response Path: Specify the regular expression, JSONPath expression, XPath expression, or response header name that contains the token.

Token Configuration for Monitor DataCollection:

  • DataCollection Request Method: Choose the method used to submit Web Tokens for authenticating API endpoints in monitors. You can use custom names in the parameter fields.

    The web token value is substituted in place of ${WebToken} in the value field.

  • Basic Authentication: The Web Token is sent as a request header. The bearer token must be sent in the following name-value syntax:

    Authorization: Bearer ${WebToken}

  • URI query parameter: The Web Token is sent in the URI query parameter. The following syntax must be used:

    token=${WebToken}

Configure Token Response Path

Given below are the various response formats you can expect from the token endpoint.

Note: Token response path is the path to extract the token and Response refers to the response from the token Endpoint URL.

JSON

Sample:
{
   "access_token":"XXXXXXX",
   "token_type":"bearer",
   "expires_in":4289,
   "issued":"Mon, 20 Jun 2021 09:39:44 GMT",
   "list":[
      {
         "tokenName":"StudentAuth",
         "tokenValue":"3q898sejhg"
      },
      {
         "tokenName":"ProfAuth",
         "tokenValue":"$97q3ekh"
      },
      {
         "tokenName":"StaffAuth",
         "tokenValue":"93&3jhiudz"
      }
   ]
}

The following are a few example JSON response paths and the values extracted for the sample JSON data above:

| Response Path | Web Token Value |
|---|---|
| access_token | XXXXXXX |
| token_type | bearer |
| list | "list":[{"tokenName":"StudentAuth","tokenValue":"3q898sejhg"},{"tokenName":"ProfAuth","tokenValue":"$97q3ekh"},{"tokenName":"StaffAuth","tokenValue":"93&3jhiudz"}] |
| list[1].tokenValue | 3q898sejhg |
| list[0].tokenName | StudentAuth |
| list[2].tokenValue | 3jhiudz |

XML

Sample XML:
<petstore>
   <animals>
      <pet id="1">
         <type>Dog</type>

         <name no="1">Richie</name>
         <age>8</age>
      </pet>
      <pet id="2">
         <type>Cat</type>
         <name no="2">Sky</name>
         <age>4</age>
      </pet>
   </animals>
   <birds>
      <bird id="1">
         <name no="3">Snow</name>
         <age>5</age>
      </bird>
      <bird id="2">
         <name no="4">Ray</name>
         <age>7</age>
      </bird>
   </birds>
</petstore>

The following are a few example XPath expressions and results for the sample XML data above:

| XPath Expression | Description | Result |
|---|---|---|
| / | Select the document node | The output will be the same as the XML content given as input |
| /petstore/animals/pet | Select all the 'pet' elements, which are the direct children of the 'animals' node | <pet id="1"><type>Dog</type><name no="1">Richie</name><age>8</age></pet> <pet id="2"><type>Cat</type><name no="2">Sky</name><age>4</age></pet> |
| //name[@no] | Select all the 'name' elements with a 'no' attribute | <name no="1">Richie</name> <name no="2">Sky</name> <name no="3">Snow</name> <name no="4">Ray</name> |
| /petstore//bird[last()] | Select the last 'bird' element | <bird id="2"><name no="4">Ray</name><age>7</age></bird> |
| sum(//age) | Select the sum of the 'age' element values | 24 |
| string-length(//pet[1]/name) | Select the length of the first 'pet' element's name value | 6 |
| //pet[1]/name/text() | Select the textual value of the first 'pet' element's name | Richie |
| count(/petstore//pet) | Select the count of 'pet' elements | 2 |

Text

The entire response is considered as the token.

Response Header

The value of the header named in the Token Response Path is used as the token.

Example:
Response Path: tokenvalue
tokenvalue: ebfb7ff0-b2f6-41c8-bef3-4fba17be410c

Note: If two headers of the same name are present, the last one is used.
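
The extraction and substitution rules above, as an added Python sketch (not Applications Manager code): a dotted JSON response path, the last-header rule, and ${WebToken} substitution for both delivery methods. The helper names, the api.example.test URL and the log-masking step are assumptions for illustration; masking is shown because a token sent as a URI query parameter appears in any log that records request URLs.

```python
import json
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

PLACEHOLDER = "${WebToken}"

# Constructed token-endpoint response, trimmed from the page's JSON sample.
SAMPLE_BODY = ('{"access_token": "XXXXXXX", "token_type": "bearer", '
               '"list": [{"tokenName": "StudentAuth", "tokenValue": "3q898sejhg"}]}')
# Constructed response headers; "tokenvalue" repeats to exercise the last-one rule.
SAMPLE_HEADERS = [("tokenvalue", "stale-value"),
                  ("Content-Type", "application/json"),
                  ("tokenvalue", "ebfb7ff0-b2f6-41c8-bef3-4fba17be410c")]

def extract_json(body, path):
    """Walk a dotted path with optional [n] indexes, e.g. list[0].tokenName."""
    node = json.loads(body)
    for key, index in re.findall(r"([^.\[\]]+)|\[(\d+)\]", path):
        node = node[key] if key else node[int(index)]
    return node

def extract_header(headers, name):
    """Return the value of the last header with this name (names are case-insensitive)."""
    values = [v for n, v in headers if n.lower() == name.lower()]
    if not values:
        raise KeyError(f"header {name!r} missing from token response")
    return values[-1]

def substitute(value_field, token):
    """Fill the ${WebToken} placeholder of a configured value field."""
    if PLACEHOLDER not in value_field:
        raise ValueError("value field has no ${WebToken} placeholder")
    return value_field.replace(PLACEHOLDER, token)

def mask_query_token(url, param="token"):
    """Mask the token parameter before a request URL is written to a log."""
    parts = urlsplit(url)
    query = [(k, "***" if k == param else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query, safe="*")))

if __name__ == "__main__":
    token = extract_header(SAMPLE_HEADERS, "tokenvalue")
    print(substitute("Authorization: Bearer ${WebToken}", token))
    url = "https://api.example.test/v1/status?" + substitute("token=${WebToken}", token)
    print(mask_query_token(url))
    print(extract_json(SAMPLE_BODY, "list[0].tokenName"))
```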