Authentication in MTM
This page helps you obtain OAuth access credentials, use the MTM Connect REST API, and try out API functions using Swagger.
MTM Connect uses OAuth to authenticate users. OAuth protects user credentials while enabling secure resource retrieval. It is an authorization standard that defines processes for obtaining scoped access to a protected resource. The standard specifies several ways to do this, which OAuth calls flows. The client credential flow is the most popular method for gaining access to an API.
In this flow, three actors are involved in accessing a server's protected resource.
- Resource server – Server hosting the protected resource. MTM Connect is our resource server.
- Authorization server – Server that authenticates the client request. Our authorization server is BlueNext.
- Resource owner – Client or the user who is trying to gain access.
The steps involved in OAuth are as follows:
Step 1. The initial step in registering for MTM Connect is to provide the new organization with the Client ID, Client Secret, Scope, Grant Type, and BlueNext token URL. BlueNext is the authorization server for the client request. Each parameter's description may be found below.
Parameter | Description |
---|---|
client_id | The client id for the application that is getting registered. |
client_secret | The client secret for the application that is getting registered. |
scope | The scopes that are granted to the access token. |
grant_type | The flow being used. This must always be set to client_credentials. |
BlueNext token URL | The BlueNext token URL for the application that is getting registered. Access token is automatically generated from the BlueNext token URL. |
Enter these parameters into an authorization tool like Postman to produce a one-time use token known as an access token.
After selecting the environment quick look, click Edit to enter the ClientID, ClientSecret, Scope, GrantType and BlueNext token URL (BNTokenURL) values in the 'current value' column.
Step 2. After successful authentication, Postman generates an access token.
Step 3. The client can copy this token and send it along with the request to the resource server. MTM Connect is the resource server, and Swagger may be used to access it. MTM provides a unique Swagger environment to each client that will utilize the MTM Connect API Swagger link, which would be https://
On the Swagger website, click the Authorize button. After you click the Authorize button, a dialogue box will appear for you to enter the access token. While pasting the value into the text box, use the standard Bearer <space><access_token> format. After providing the value, choose Authorize and then Close.
Step 4. The resource server extracts this token from the request and validates it with the authorization service.
Step 5. After entering your authorization token, select any endpoint and click the Try it out option.
Fill in the necessary information and click Execute to see the results. The resource server gives the client the requested resource after a successful validation.
The client can try this out using the MTM Connect API sample application. The sample client app in C# can be found on GitHub: explorance/exploranceapis-mtmconnect-csharp.
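The token request and bearer header from Steps 1 to 3, written out as an added Python example; it is not Explorance's sample application or code from this page. It assumes the token endpoint accepts the four parameters as form fields in the POST body and returns the standard OAuth `token_type` and `expires_in` fields; the URL, client values and response below are constructed placeholders.

```python
import json
import time
import urllib.parse
import urllib.request

def build_token_request(token_url, client_id, client_secret, scope):
    """Step 1: form-encoded POST for the client credentials grant."""
    if not token_url.lower().startswith("https://"):
        raise ValueError("token URL must be https: the client secret is in this request")
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",  # fixed value for this flow
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": scope,
    }).encode("ascii")
    return urllib.request.Request(
        token_url, data=form, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(body, now=None):
    """Step 2: return (access_token, expiry as epoch seconds)."""
    data = json.loads(body)
    if "error" in data:
        raise RuntimeError("token request refused: %s" % data["error"])
    if str(data.get("token_type", "")).lower() != "bearer" or not data.get("access_token"):
        raise RuntimeError("response does not contain a bearer access token")
    now = time.time() if now is None else now
    # expires_in is the standard OAuth field; assumed to be present here.
    return data["access_token"], now + int(data.get("expires_in", 0))

def bearer_header(access_token, expiry, now=None):
    """Step 3: header sent to the resource server; refuse a stale token."""
    now = time.time() if now is None else now
    if now >= expiry:
        raise RuntimeError("access token expired, request a new one")
    return {"Authorization": "Bearer " + access_token}

# Constructed sample values, not real credentials or a real endpoint.
SAMPLE_URL = "https://auth.example.invalid/token"
SAMPLE_RESPONSE = '{"access_token": "constructed-token", "token_type": "Bearer", "expires_in": 3600}'

if __name__ == "__main__":
    req = build_token_request(SAMPLE_URL, "demo-client", "demo-secret", "demo.scope")
    print(req.get_method(), req.full_url, req.data.decode())
    # A live call would be urllib.request.urlopen(req, timeout=10).read()
    token, expiry = parse_token_response(SAMPLE_RESPONSE)
    print(bearer_header(token, expiry))
```

In a real client, read the client secret from an environment variable or a secrets store rather than from source code, and keep the access token out of logs.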