Background:
This article is a guide to creating a connect token through API calls and to the settings you can modify within the token. Token revocation is covered at the end of the article.
Token Creation:
Call: POST {serverURL}/connect/token
Example cURL:
curl --location 'http://localhost:51980/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=password&username={username}&password={password}&client_id=integration&client_secret=eunGKas3Pqd6FMwx9eUpdS7xmz'
Body (x-www-form-urlencoded):
grant_type = password
username = {user you want token assigned to}
password = {password of said user}
client_id = integration
client_secret = eunGKas3Pqd6FMwx9eUpdS7xmz
Key | Value | Description |
grant_type | password | Constant. Type of granting used for the credentials supplied in call. |
username | {username you want token assigned to} | Wyn user that you want this token to refer to on creation. Upon use of token you will be signed in as said user into the Wyn system. |
password | {password of said user} | Password of the Wyn user that you want the token to refer to. |
client_id | integration | Constant. The client that you will use to generate the token. |
client_secret | eunGKas3Pqd6FMwx9eUpdS7xmz | Constant. Verification code showing that this is a valid call. |
Body (raw):
grant_type=password&username={user}&password={password}&client_id=integration&client_secret=eunGKas3Pqd6FMwx9eUpdS7xmz
Return on successful call:
{
"access_token": "4E2EDEF2754615A60F7AC3A06268F06A0F62680F5A1F9ACD74007A11DC8E7F85",
"expires_in": 315360000,
"token_type": "Bearer",
"scope": "cache email openid profile scheduler server_portal storage"
}
The value for “access_token” is the authentication token that you will use in nearly all of the APIs for Wyn Enterprise. This token expires after 315360000 seconds, or 10 years as seen in the “expires_in” value.
Other Available Settings
Key | Value | Function |
tenant_path | “/” denotes the Global organization. “/OrganizationName” will go down one level. “/OrganizationName/SubOrgName” will follow the path down to a sub-organization. | This provides a token for a user in the specific organization provided. |
access-token-lifetime | Integer for the number of seconds you want the token to be active for | The standard value for “expires_in” for a token is 10 years unless specified. Once the time has elapsed, the token will no longer let the bearer into the Wyn system, and users that are using this token will be kicked out to the login page of your Wyn system. |
Token Revocation:
If you need to remove a token from the system, use connect/revocation to take away all of the token's remaining time so that it expires.
Call: POST {serverURL}/connect/revocation
Example cURL:
curl --location 'http://localhost:51980/connect/revocation' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic aW50ZWdyYXRpb246ZXVuR0thczNQcWQ2Rk13eDllVXBkUzd4bXo=' \
--data-urlencode 'token={token_to_revoke}' \
--data-urlencode 'token_type=access_token'
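You will need proper authorization via the client_id and client_secret to pull off this call, as well as a current valid token. The value after "Basic" in the Authorization header is the Base64 encoding of client_id:client_secret.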
Body (x-www-form-urlencoded):
Key | Value | Description |
token | Valid token that you want to revoke. | The token you put into the call will be revoked and will no longer be valid when trying to access Wyn. |
token_type | access_token | This is a constant value for connect tokens. |
Body (raw):
token={token_to_revoke}&token_type=access_token
Return on successful call: nothing
Results of the call:
The token can no longer be used to access the Wyn system, effective immediately on revocation. If the token is in use at the time, the user is kicked out of Wyn to the login screen on the next heartbeat of the system, just as when the time set by access-token-lifetime runs out.
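
The token request with the settings described under Other Available Settings, and the revocation call, combined into a short-lived-token workflow. This is an added example, not code from the original article or from Wyn; it assumes tenant_path and access-token-lifetime are sent as additional form fields in the /connect/token body, and the names WYN_URL, WYN_CLIENT_ID, WYN_CLIENT_SECRET and the one-hour cap in check_lifetime are chosen here.

```bash
#!/usr/bin/env bash
# Added example (not vendor code). Assumption: tenant_path and access-token-lifetime
# are sent as extra form fields in the /connect/token body.
WYN_URL="${WYN_URL:-http://localhost:51980}"   # server URL used in the article's examples
WYN_CLIENT_ID="${WYN_CLIENT_ID:-integration}"
# WYN_CLIENT_SECRET is read from the environment so it stays out of the script.

# Basic credential for /connect/revocation: base64("client_id:client_secret").
basic_auth() { printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'; }

# Accept only a positive integer no larger than a cap (hypothetical policy: 1 hour).
check_lifetime() {  # seconds [max_seconds]
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -gt 0 ] && [ "$1" -le "${2:-3600}" ]
}

# Pull the access_token value out of the JSON reply read from stdin.
extract_access_token() {
  sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Request a token bound to one organization with an explicit lifetime.
get_token() {  # username password tenant_path lifetime_seconds
  check_lifetime "$4" || { echo "lifetime rejected: $4" >&2; return 1; }
  curl --silent --show-error --fail --location "$WYN_URL/connect/token" \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode "username=$1" \
    --data-urlencode "password=$2" \
    --data-urlencode "client_id=$WYN_CLIENT_ID" \
    --data-urlencode "client_secret=${WYN_CLIENT_SECRET:?export WYN_CLIENT_SECRET first}" \
    --data-urlencode "tenant_path=$3" \
    --data-urlencode "access-token-lifetime=$4" | extract_access_token
}

# Revoke a token as soon as the job that needed it is finished.
revoke_token() {  # token
  curl --silent --show-error --fail --location "$WYN_URL/connect/revocation" \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header "Authorization: Basic $(basic_auth "$WYN_CLIENT_ID" "${WYN_CLIENT_SECRET:?export WYN_CLIENT_SECRET first}")" \
    --data-urlencode "token=$1" \
    --data-urlencode 'token_type=access_token'
}

# Usage (constructed values): token=$(get_token alice "$WYN_PASSWORD" /OrganizationName 900)
#                             ... call Wyn APIs ...; revoke_token "$token"
```

Arguments given to curl are visible in the host's process list while the command runs, so run this from an account and host where that exposure is acceptable.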