Knowledge Base


How Do You Implement OAuth 2.0 for SCM?
Overview:
This guide explains how to implement OAuth 2.0 authentication for integrating with the SCM Admin API. It covers the entire process from preparing API credentials to configuring Postman and generating access tokens. You’ll learn how to:
- Obtain Client ID and Client Secret by creating an API key in SCM.
- Import the OpenAPI specification into Postman for streamlined API testing.
- Configure OAuth 2.0 authorization in Postman and retrieve tokens.
- Make secure token requests using cURL and Python examples.
By following these steps, developers and administrators can ensure secure and efficient API communication using industry-standard OAuth 2.0 protocols.
Steps to implement OAuth 2.0 for SCM Admin
Prepare for OAuth 2.0
In SCM, obtain the Client ID and Secret by creating a new API Key:
- Select “Settings”
- Select “Admin”
- Find your Admin (choose an admin whose scope of account access is sufficient to return meaningful responses)
- Select the Admin and choose the “API Keys” context button.
- Create a new API Key (if one does not already exist) and take note of the:
  - Client ID
  - Secret ID
  - OpenAPI specification file URL (the URL is built uniquely based on the SCM tenant)
In Postman: Create a new workspace:
- Choose the “Import” workspace button.
- Enter the OpenAPI documentation URL in the “Paste cURL, Raw text or URL...” input field and wait for the pre-import to succeed.
- Choose the “Import” option, keeping the default selection.
In Postman: Configure the workspace Authorization for OAuth 2.0:
- Select the “Admin Operations” parent folder from the “Collections” tree and click the “Auth” tab.
- In the “Auth” tab, leave all fields at their defaults with the exception of “Client ID” and “Client Secret”. Populate those fields with your admin API Key “Client ID” and “Client Secret”.
- Click the “Get New Access Token” button.
- When the request succeeds, click the “Use Token” button to set the token variable for your requests within the new Admin collection.
Other:
Clients developing integrations or coding against our API who need to retrieve an OAuth 2.0 token make the following web request:
POST: https://auth.sso.{{instance}}.sectigo.com/auth/realms/apiclients/protocol/openid-connect/token
Headers:
- Authorization: Basic (Base64-encoded {Client_ID value}:{Client_Secret value})
- Content-Type: application/x-www-form-urlencoded
- Accept-Encoding: gzip, deflate, br
- Host: auth.sso.{{instance}}.sectigo.com
Request Body:
- grant_type: "client_credentials"
OAuth 2.0 Example Auth:
cURL:
curl --location 'https://auth.sso.{{instance}}.sectigo.com/auth/realms/apiclients/protocol/openid-connect/token' \
--header 'Authorization: Basic ZjUzMzhhNzYtZ123NS00NWJmLWF12mQtYzNjOGY2YTgzY2JlOnZ1234zSzhJRXFFQl1LVGohY0F4YkxmZUJbOFNxVl5P' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials'
Python http.client
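import http.client

# Host of the token endpoint; "demo" stands in for your {{instance}} value.
conn = http.client.HTTPSConnection("auth.sso.demo.sectigo.com")
# Form-encoded body requesting the client_credentials grant.
payload = 'grant_type=client_credentials'
headers = {
    # Sample value: Basic followed by the Base64 of Client_ID:Client_Secret.
    'Authorization': 'Basic ZjUzMzhhNzYtZ123NS00NWJmLWF12mQtYzNjOGY2YTgzY2JlOnZ1234zSzhJRXFFQl1LVGohY0F4YkxmZUJbOFNxVl5P',
    'Content-Type': 'application/x-www-form-urlencoded'
}
conn.request("POST", "/auth/realms/apiclients/protocol/openid-connect/token", payload, headers)
res = conn.getresponse()
data = res.read()
# The response body is JSON containing the access token.
print(data.decode("utf-8"))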
Python Requests
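import requests

# Token endpoint; "demo" stands in for your {{instance}} value.
url = "https://auth.sso.demo.sectigo.com/auth/realms/apiclients/protocol/openid-connect/token"
# Form-encoded body requesting the client_credentials grant.
payload = 'grant_type=client_credentials'
headers = {
    # Sample value: Basic followed by the Base64 of Client_ID:Client_Secret.
    'Authorization': 'Basic ZjUzMzhhNzYtZ123NS00NWJmLWF12mQtYzNjOGY2YTgzY2JlOnZ1234zSzhJRXFFQl1LVGohY0F4YkxmZUJbOFNxVl5P',
    'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data=payload)
# The response body is JSON containing the access token.
print(response.text)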
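The token request above with the Basic header built at run time instead of pasted into the source, as an added example that is not part of the original article or Sectigo's own code. The environment variable names (SCM_INSTANCE, SCM_CLIENT_ID, SCM_CLIENT_SECRET) are assumptions, and the response fields read (access_token, expires_in, error) are the standard OAuth 2.0 token response fields rather than anything this article documents.

```python
import base64
import json
import os
import time
import urllib.parse
import urllib.request

# Token endpoint pattern from this article; {instance} is the tenant-specific part.
TOKEN_URL = "https://auth.sso.{instance}.sectigo.com/auth/realms/apiclients/protocol/openid-connect/token"


def basic_auth_header(client_id, client_secret):
    """Return 'Basic ' + Base64(client_id:client_secret), as the article describes."""
    if not client_id or not client_secret:
        raise ValueError("client ID and secret must both be set")
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def build_token_request(instance, client_id, client_secret):
    """Build (but do not send) the client_credentials token request."""
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode("ascii")
    return urllib.request.Request(
        TOKEN_URL.format(instance=instance),
        data=body,
        method="POST",
        headers={
            "Authorization": basic_auth_header(client_id, client_secret),
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def parse_token_response(body, now=None):
    """Return (access_token, expiry_epoch) from a standard OAuth 2.0 token response."""
    doc = json.loads(body)
    if "access_token" not in doc:
        # Standard OAuth 2.0 error responses carry an "error" field.
        raise RuntimeError(f"token request failed: {doc.get('error', 'unknown error')}")
    now = time.time() if now is None else now
    return doc["access_token"], now + int(doc.get("expires_in", 0))


def fetch_token():
    """Read credentials from the environment (hypothetical names) and request a token."""
    env = os.environ
    req = build_token_request(env["SCM_INSTANCE"], env["SCM_CLIENT_ID"], env["SCM_CLIENT_SECRET"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())
```

The returned expiry time lets a caller reuse the token until shortly before it lapses instead of requesting a new one for every API call.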