Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 7 Next »

REST API Authentication

ServiceBroker supports System Access Tokens for the authentication and authorization of the REST APIs.

 

On this page:

Related pages:

Authentication with System Access Token

A System Access Token is used by an external System (e.g. ServiceScheduling, ServiceMobility, a customer's system, etc), to allow that System to authenticate ServiceBroker API calls (and to associate the API call with the appropriate Tenant). See the REST Glossary of Terms for more details on the definition of System and Tenant.

System Access Tokens are similar to the 'Access Key' concept offered by other cloud service providers like AWS or Google Developer Accounts.

Expiration

A System Access Token has no expiration date. It is intended only to be used for system level integration purposes, where access to the ServiceBroker services is granted as long as both the status of the Tenant and the System Access Token are active.

Obtaining System Access Tokens

ServiceBroker is primarily provided via a SaaS model. Accordingly, the default System Access Token will be provided as part of the process of provisioning a ServiceBroker Tenant.

However, if you require:

  • additional System Access Tokens for a ServiceBroker Tenant (for example, to use a separate Token for each integrated System); or
  • one of more System Access Tokens to be revoked, and possibly replaced (for example, to address a security breach concern)

then please use the REST Tenant Token Management.

Using System Access Tokens

See the REST Integration Standard HTTP Headers page for details on how a System Access Token is used to authenticate ServiceBroker API calls.

  • No labels