Ommni APIs employ a secure authentication mechanism to ensure that only authorized system applications can access the APIs. This documentation outlines the process for system application authentication, enabling your applications to verify their identity and obtain authorization to interact with specific APIs or services.
Overview
Authentication in Ommni is designed for system applications that perform automated tasks and system-level functions. These applications do not manage end-user authentication and are not connected with user pools. Instead, they facilitate secure and efficient system-level interactions with Ommni APIs.
Authentication Process
To authenticate and obtain access to Ommni APIs, system applications must follow these steps:
Service Identity Creation:
- Navigate to the "Service Identity" section within the
Ommni. - Click on "Create New Application" to register your system application.
- After creation, select "Details" from the actions to view the credentials of your application.
Client ID and Client Secret:
- Within the application details, you will find a unique identifier known as the "Client ID" and a confidential "Client Secret". These credentials are vital for the authentication process.
Obtaining an Access Token:
- Your system application must send a request to the
Ommniauthorization server, including the Client ID and Client Secret. - The authorization server validates these credentials. Upon successful validation, it issues an access token, also referred to as a system token.
Using the System Token:
- This system token enables your system application to make authorized requests to
OmmniAPIs. - Include the system token in the Authorization header of API requests to represent your system during interactions.
Security and Compliance
Ensure that the Client ID and Client Secret are stored securely within your system application and are not exposed to unauthorized parties. Regularly review and rotate these credentials to maintain the security of your application and data.