Authorization Code via cURL (cmd)

This procedure uses the authorization code with Client for URLs (cURL) to obtain access tokens and refresh tokens.

To authorize code using cURL:

  1. Get the user's authorization. Open cURL and set the following variables in it:

    set RIM_URL={https://hostname}
    set CLIENT_ID={clientId}
    set CLIENT_SECRET={clientSecret}
    set TENANT_ID={tenantId}
    set REDIRECT_URL={redirect_url}
    set RIM_TOKEN_URL=%RIM_URL%/insight/api/v2/token
    set SCOPE=openid %CLIENT_ID%/.default offline_access
    set ENDPOINT=https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/authorize
    set URL=%ENDPOINT%?client_id=%CLIENT_ID%^&response_type=code^&scope=%SCOPE%^&redirect_uri=https://oauth.pstmn.io/v1/callback^&state=12345
    set TOKEN_URL=https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token

  2. Get the Authorization Code. To do it, send the following request via cURL:
    @REM start microsoft-edge:"%URL%"
    start chrome "%URL%"
    Note: Alternatively, you can send the request via browser by entering the authorization URL into the search line.

    After receiving your request, the authorization server sends you a redirect URI that contains your authorization code. Example:

    echo "Visit the following URL to authorize the application:" "%URL%"

    Note: Make sure you use the correct redirect URL configured in the application registration.

  3. Set the code from redirect URI by adding it to the following request:

    set /p AUTH_CODE="Enter Code displayed in browser: "

  4. Exchange Authorization Code with an access token:

    curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&code=%AUTH_CODE%&redirect_uri=%REDIRECT_URL%&client_id=%CLIENT_ID%" %TOKEN_URL%

    If everything is done correctly, an AzureBearerBody token is generated. It is used in conjunction with the API X-CSRF-TOKEN access token.

  5. Submit an HTTPS GET request to http://hostname:port/insight/api/v2/token to receive the generated token.

    You will get the server response containing your token and the current session ID: { "token": "F1AE44E28CB43CDECB2D0A104EB5DF4B" }. The header of the response must include the following values:

    — X-CSRF-HEADER → X-CSRF-TOKEN

    — X-CSRF-PARAM → _csrf

    — X-CSRF-TOKEN → 40d67d97-fb28-4a78-a111-5bae0ee706bb

  6. Use the received token and login information to get authenticated. Send a login POST-request to pass authentication. Use the same session (set JSESSIONID):

    — URI: http://hostname:port/insight/api/v2/login

    — Request header values:

    • X-CSRF-TOKEN: 40d67d97-fb28-4a78-a111-5bae0ee706bb - This value is retrieved as a result of the previous request (http://hostname:port/insight/api/v2/token).

    — Request body (raw): {{AzureBearerBody}} - This is the Azure-generated authorisation token gathered in the previous steps.

  7. After successful login, the application creates a new session and a new token to use in subsequent API calls. The response header must contain the following values:

    — X-CSRF-HEADER → X-CSRF-TOKEN

    — X-CSRF-PARAM → _csrf

    — X-CSRF-TOKEN → c3cc7d40-348e-410c-bcb6-bc0accdfaff5

  8. Make an API call with your new token. All subsequent REST API POST requests (read/create/create-or-update/delete for a specific entity) should be sent through the "/api/v2" URI (Example: http://hostname:port/insight/api/v2/event/46098/delete or http://hostname:port/insight/api/v2/product-family/all) with the following attributes:

    — Request header values:

    • X-CSRF-TOKEN: c3cc7d40-348e-410c-bcb6-bc0accdfaff5

    — Request body: JSON object for the specific entity.

    Instead of X-CSRF-TOKEN header, you can use the "_csrf" parameter.

  9. Get the CSRF token by submitting the following request via cURL:

    curl -X GET %RIM_TOKEN_URL% -v

  10. Set variables for the login request:

    set X-CSRF-TOKEN={enter the value retrieved during the previous request for X-CSRF-TOKEN}
    set RIM_TOKEN={enter the value retrieved during the previous request for xAuthToken}
    set DATA="{{AzureBearerBody}}"

    cURL may require the nested quotes to be escaped. Example:

    set DATA="{\"token_type\":\"Bearer\",\"access_token\":\"{access_token}\",\"refresh_token\":\"{refresh_token}\",\"id_token\":\"{id_token}\"}"

  11. Get the RIM session (LOGIN_URL must hold the login URI from step 6):

    curl -X POST -H "X-CSRF-TOKEN: %X-CSRF-TOKEN%" -H "Content-Type: application/json" -b "JSESSIONID=%RIM_TOKEN%" -d %DATA% %LOGIN_URL% -v

  12. Now you can execute an API call with the authenticated session:

    set GET_PF_URL=%RIM_URL%/insight/api/v2/product-family/all
    curl -X POST -H "X-CSRF-TOKEN: %X-CSRF-TOKEN%" -H "Content-Type: application/json" -b "JSESSIONID=%RIM_TOKEN%" -d %DATA% %GET_PF_URL% -v
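
Steps 9 to 12 as one batch script, added here as an example and not part of the original procedure. It lets cURL carry the session cookie and reads the CSRF token from the saved response headers instead of copying values by hand. TOKEN_JSON is a hypothetical variable naming a file that holds the JSON body from step 4 (for instance, saved by adding -o to that cURL command), and the empty request body in the last call is a placeholder.

```batch
@echo off
setlocal
rem Added example, not part of the original procedure.
rem Assumes RIM_URL is set as in step 1. TOKEN_JSON is a hypothetical variable
rem naming a file that holds the JSON body returned by the token exchange in step 4.
if not defined RIM_URL (echo RIM_URL is not set& exit /b 1)
if not exist "%TOKEN_JSON%" (echo TOKEN_JSON does not name a file& exit /b 1)

set "RIM_TOKEN_URL=%RIM_URL%/insight/api/v2/token"
set "LOGIN_URL=%RIM_URL%/insight/api/v2/login"
set "GET_PF_URL=%RIM_URL%/insight/api/v2/product-family/all"
set "JAR=%TEMP%\rim_cookies_%RANDOM%.txt"
set "HDRS=%TEMP%\rim_headers_%RANDOM%.txt"
set "RC=1"

rem Step 9: -c stores the JSESSIONID cookie, -D saves the response headers.
curl -sS -f -o NUL -D "%HDRS%" -c "%JAR%" "%RIM_TOKEN_URL%"
if errorlevel 1 (echo Token request failed& goto cleanup)
call :read_csrf
if not defined CSRF (echo No X-CSRF-TOKEN header returned& goto cleanup)

rem Step 11: log in on the same session. The body is read from the file, so the
rem Azure tokens never appear on the command line and need no quote escaping.
curl -sS -f -o NUL -D "%HDRS%" -b "%JAR%" -c "%JAR%" -X POST ^
  -H "X-CSRF-TOKEN: %CSRF%" -H "Content-Type: application/json" ^
  --data-binary "@%TOKEN_JSON%" "%LOGIN_URL%"
if errorlevel 1 (echo Login failed& goto cleanup)

rem Step 7: login issues a new session and a new CSRF token. The cookie jar was
rem updated by -c above; re-read the token from the login response headers.
call :read_csrf
if not defined CSRF (echo No post-login X-CSRF-TOKEN header& goto cleanup)

rem Step 12: authenticated call. The empty JSON body is a placeholder assumption.
curl -sS -f -b "%JAR%" -X POST -H "X-CSRF-TOKEN: %CSRF%" ^
  -H "Content-Type: application/json" -d "{}" "%GET_PF_URL%"
if not errorlevel 1 set "RC=0"

:cleanup
rem The cookie jar holds a live session ID; do not leave it on disk.
del "%JAR%" "%HDRS%" 2>NUL
exit /b %RC%

:read_csrf
rem Pull the value of the X-CSRF-TOKEN response header out of the header dump.
set "CSRF="
for /f "tokens=1,2 delims=: " %%A in ('findstr /b /i /c:"X-CSRF-TOKEN:" "%HDRS%"') do set "CSRF=%%B"
exit /b 0
```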