Set up your api client
This article shows you in detail how to set up an api client with client credentials.
1. Contact a kazi admin to get your client credentials
Once your app is registered on Azure, you will receive a client id and client secret.
2. Get an access token
Request
This is the bare minimum of what an access token request should look like:
POST /kazib2c.onmicrosoft.com/oauth2/token HTTP/1.1Host: login.microsoftonline.comContent-Type: application/x-www-form-urlencodedContent-Length: {calculated when request is sent}grant_type=client_credentials&client_id={your-client-id}&client_secret={your-client-secret}&resource=d00b610c-389f-4a05-97cc-f9a934488c8b
- It is a POST request to kazi's access token endpoint.
- The body contains the grant type, client id, client secret and resource in URL encoding.
Response
If all goes well, you will receive a 200 OK response with the following JSON body:
{"token_type": "Bearer","expires_in": "3599","ext_expires_in": "3599","expires_on": "1590489097","not_before": "1590485197","resource": "d00b610c-389f-4a05-97cc-f9a934488c8b","access_token": "{your-access-token}"}
The access token is a JSON Web Token which you can decode on jwt.ms.
- The token is valid for one hour. The claim exp - this is a unix timestamp - tells you when it expires.
- In the claim roles you can see which kazi api scopes have been granted to your application. For the call below you need the permission read:expectations.
Do not hesitate to contact a kazi admin if you think you are missing any other scopes.
3. Make your first call
Now that we have an access token, we will use it to try out the call Get expectations in the Tagging api.
Request
Both the access token and subscription key have to be added to the request header as follows:
GET /tagging/v2/expectations HTTP/1.1Ocp-Apim-Subscription-Key: {your-subscription-key}Authorization: Bearer {your-access-token}Host: test-api.kazi.be
Response
You should get a 200 OK response with a list of expectations.
4. Summary
Let's revise what you need to talk to our api:
- Obtain a client id and client secret from a kazi admin.
- Retrieve an access token with your client id and client secret.
- Use this token along with your subscription key to make an api call.