System Access Tokens

Authentication with System Access Token

A System Access Token is used by an external System (e.g. ServiceScheduling, ServiceMobility, a customer's system, etc), to allow that System to authenticate ServiceBroker API calls (and to associate the API call with the appropriate Tenant). See the REST Glossary of Terms for more details on the definition of System and Tenant.

System Access Tokens are similar to the 'Access Key' concept offered by other cloud service providers like AWS or Google Developer Accounts.

Obtaining System Access Tokens

ServiceBroker is primarily provided via a SaaS model. Accordingly, the default System Access Token will be provided as part of the process of provisioning a ServiceBroker Tenant.

However, if you require:

• additional System Access Tokens for a ServiceBroker Tenant (for example, to use a separate Token for each integrated System); or
• one of more System Access Tokens to be revoked, and possibly replaced (for example, to address a security breach concern)

then please use the REST Tenant Token Management.

Using System Access Tokens

See the REST Integration Standard HTTP Headers page for details on how a System Access Token is used to authenticate ServiceBroker API calls.

JWT

Authentication with JWT

A JWT may also be used by an external System (e.g. ServiceScheduling, ServiceMobility, a customer's system, etc), to allow that System to authenticate ServiceBroker API calls (and to associate the API call with the appropriate Tenant).

Unlike System Access Tokens, however, JWTs do have an expiration date, and therefore need to be re-generated on a regular basis.

Obtaining JWTs

JWTs can be obtained via the REST Other OAuth2 Token API.

Using JWTs

See the REST Integration Standard HTTP Headers page for details on how a JWT is used to authenticate ServiceBroker API calls.