Access NF Resources through curl or postman

CNC Console-IAM provides a REST API for generating and refreshing access tokens. The API can be used to get access_token.

  • An access token must be acquired from CNC Console-IAM by sending a POST request to this URL:

http://${cncc-iam_host}:${cncc-iam_port}/cncc/auth/realms/${realm}/protocol/openid-connect/token

Example: http://10.75.213.60:30024/cncc/auth/realms/cncc/protocol/openid-connect/token

The request must have x-www-form-url encoded body:

'client_id':'your_client_id',

'username':'your_username',

'password':'your_password',

'grant_type':'password'

Example:

'client_id':'api-gateway',

'username':'admin',

'password':'admin',

'grant_type':'password'

Curl Cmd

curl --location --request POST

' http://10.75.213.60:30024/cncc/auth/realms/cncc/protocol/openid-connect/token'\

--header'Content-Type: application/x-www-form-urlencoded'\

--data-urlencode'grant_type=password'\

--data-urlencode'username=shreb'\

--data-urlencode'password=Shreb123!'\

--data-urlencode'client_id=api-gateway'

  • In response user gets an access_token and a refresh_token.

Response

"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJHS1N4WVhoWlExRVhrOVE5RTR3STN4WG9LcHI2

RW5yOFJCdGlMVndPV0JZIn0.eyJqdGkiOiIwMTQzYzNhZC1kNjE3LTQyNTYtYTA2My01NGYxNGI5MDQ5MWMiLCJleHAiOjE1ODQ3MDAyMzUsIm5iZiI6MCwiaWF0Ijo

xNTg0Njk5OTM1LCJpc3MiOiJodHRwOi8vMTAuNzUuMjEzLjYwOjMwMDI0L2NuY2MvYXV0aC9yZWFsbXMvY25jYyIsImF1ZCI6ImFjY291b

nQiLCJzdWIiOiIwMTJlNDI2OS02YzYwLTQzNWItYWExNC0yYWI3NmJjOWI1MjMiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhcGktZ2F0ZXd

heSIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjZjNDJkOTc4LTE0YWMtNDc5My1hMWUzLTc4OWNmYmRiMmI3NCIsImFjciI6I

jEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiUENGX1JFQUQiLCJQQ0ZfV1JJVEUiLCJTQ1BfUkVBRCIsIm9mZmxpbmVfYWNjZXNzIiw

iTlJGX1dSSVRFIiwiQURNSU4iLCJ1bWFfYXV0aG9yaXphdGlvbiIsIk5SRl9SRUFEIiwiU0NQX1dSSVRFIl19LCJyZXNvdXJjZV9hY2Nlc

3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl1

9fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJuYW1lIjoiU2hyZXlhcyBCIiwicHJlZmVycmVkX

3VzZXJuYW1lIjoic2hyZWIiLCJnaXZlbl9uYW1lIjoiU2hyZXlhcyIsImZhbWlseV9uYW1lIjoiQiIsImVtYWlsIjoic2hyZXlhcy5iQG9

yYWNsZS5jb20ifQ.fXYyjmAbSSIFlLr2ZBEX2pfKrE_vr6Zbj8ta-l_tKlv2gTX1J3ehScg_m30swpWU7UojuFkyc8CfNZL2Z9mcs7zbq_zA7ZTlaWA_AgmeoXWapicX2wALT_YDU6Z3H7L9x1C1Ulp8aTBIBHP

v2J-zgkrFDtk83NeKunKEGlEZpp-9MGDLQ5a8QX6SAUo-Fe6hNgF1vP0d7LCyjWvu6UvoeG_Fuxsi4xEVHcbSen8M3eueAt7xN7akhXZ_4PgWnxsWvQVqtTzsY6O-WyUjUiwtaTvpX0dPVVeeNDvWMY_0q0KvF_nnE3_wQtE8bu_LcCZYwDQJJTloj2PJ8y1WjO9l2Q",

"expires_in":300,

"refresh_expires_in":1800,

"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3YTFlYjcyZi00MWE1LTRkMTEtYjRmZS01NDZjZ

GU5NjY2MTUifQ.eyJqdGkiOiJmYjAwZTY2OC0xZTkyLTRlMTUtYTVlMS1jZjgxNDFkMjllNDMiLCJleHAiOjE1ODQ3MDE3MzUsIm5iZiI6MCwiaWF0IjoxNT

g0Njk5OTM1LCJpc3MiOiJodHRwOi8vMTAuNzUuMjEzLjYwOjMwMDI0L2NuY2MvYXV0aC9yZWFsbXMvY25jYyIsImF1ZCI6Imh0dHA6Ly8x

MC43NS4yMTMuNjA6MzAwMjQvY25jYy9hdXRoL3JlYWxtcy9jbmNjIiwic3ViIjoiMDEyZTQyNjktNmM2MC00MzViLWFhMTQtMmFiNzZiYz

liNTIzIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImFwaS1nYXRld2F5IiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiNmM0MmQ5

NzgtMTRhYy00NzkzLWExZTMtNzg5Y2ZiZGIyYjc0IiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIlBDRl9SRUFEIiwiUENGX1dSSVRFIi

wiU0NQX1JFQUQiLCJvZmZsaW5lX2FjY2VzcyIsIk5SRl9XUklURSIsIkFETUlOIiwidW1hX2F1dGhvcml6YXRpb24iLCJOUkZfUkVBRCIs

IlNDUF9XUklURSJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYW

Njb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.l8w3j1gMNgblKSYdvCmJQfg6yIfkdKnmFb5vKPF-ZIg",

"token_type":"bearer",

"not-before-policy":0,

"session_state":"6c42d978-14ac-4793-a1e3-789cfbdb2b74",

"scope":"email profile"

}

  • The access token must be used in every request to a NF resource by placing it in the Authorization header:

GET : http://${cncc_host}:${cncc_port}/soothsayer/v1/canaryrelease

headers: {

'Authorization':'Bearer'+ access_token

}

  • Once the access_token has expired, it can be refreshed by sending a POST request to the same URL as above, but containing the refresh token instead of username and password:

'client_id':'your_client_id',

'refresh_token': refresh_token_from_previous_request,

'grant_type':'refresh_token'

Example:

'client_id':'api-gateway',

'refresh_token':'eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3YTFlYjcyZi00MWE1LTRkMTEtYjRmZS01NDZjZG

U5NjY2MTUifQ.eyJqdGkiOiJmYjAwZTY2OC0xZTkyLTRlMTUtYTVlMS1jZjgxNDFkMjllNDMiLCJleHAiOjE1ODQ3MDE3MzUsIm5iZiI6MCwiaWF0IjoxNT

g0Njk5OTM1LCJpc3MiOiJodHRwOi8vMTAuNzUuMjEzLjYwOjMwMDI0L2NuY2MvYXV0aC9yZWFsbXMvY25jYyIsImF1ZCI6Imh0dHA6Ly8x

MC43NS4yMTMuNjA6MzAwMjQvY25jYy9hdXRoL3JlYWxtcy9jbmNjIiwic3ViIjoiMDEyZTQyNjktNmM2MC00MzViLWFhMTQtMmFiNzZiYz

liNTIzIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImFwaS1nYXRld2F5IiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiNmM0MmQ5

NzgtMTRhYy00NzkzLWExZTMtNzg5Y2ZiZGIyYjc0IiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIlBDRl9SRUFEIiwiUENGX1dSSVRFIi

wiU0NQX1JFQUQiLCJvZmZsaW5lX2FjY2VzcyIsIk5SRl9XUklURSIsIkFETUlOIiwidW1hX2F1dGhvcml6YXRpb24iLCJOUkZfUkVBRCIs

IlNDUF9XUklURSJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYW

Njb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.l8w3j1gMNgblKSYdvCmJQfg6yIfkdKnmFb5vKPF-ZIg',

'grant_type':'refresh_token'

Previous
Previous 		Next
Next
Go To Table Of Contents
Contents