-
Notifications
You must be signed in to change notification settings - Fork 164
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs(identity): add user guide for generating M2M tokens
- Loading branch information
1 parent
1601cbd
commit 2d44865
Showing
3 changed files
with
59 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| --- | ||
| id: m2m-tokens | ||
| title: "Machine-to-machine (M2M) tokens" | ||
| sidebar_label: "Machine-to-machine (M2M) tokens" | ||
| --- | ||
|
|
||
| A machine-to-machine, or as they are also known M2M, token is a token which is requested by one service, so it can | ||
| communicate with another service acting as itself. | ||
|
|
||
| In [Identity](/self-managed/identity/what-is-identity.md) we provide the ability to assign permissions to | ||
| an application. This functionality allows an application to perform the `client_credentials` flow to | ||
| retrieve a JWT token with permissions. | ||
|
|
||
| The token generated can then be used to communicate with other applications in the Camunda Platform without | ||
| the need for user intervention. | ||
|
|
||
| :::tip Want to learn how to generate a machine-to-machine token? | ||
| Head to our guide, [generating machine-to-machine tokens](/self-managed/identity/user-guide/generating-m2m-tokens.md) | ||
| to find out more! | ||
| ::: |
35 changes: 35 additions & 0 deletions
35
docs/self-managed/identity/user-guide/generating-m2m-tokens.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| --- | ||
| id: generating-m2m-tokens | ||
| title: "Generating machine-to-machine tokens" | ||
| sidebar_label: "Generating machine-to-machine (M2M) tokens" | ||
| --- | ||
|
|
||
| In this guide we will show you how to generate your own machine-to-machine (M2M) tokens. | ||
|
|
||
| :::tip Want to learn more about M2M tokens? | ||
| Head over to our documentation on [M2M tokens](/self-managed/concepts/authentication/m2m-tokens.md) to find out more. | ||
| ::: | ||
|
|
||
| ### Prerequisites | ||
|
|
||
| - A running [Identity](/self-managed/identity/what-is-identity.md) service | ||
| - An [application](/self-managed/concepts/access-control/applications.md) for your service | ||
| - The client ID of your application | ||
| - The client secret of your application | ||
| - A rest client of your choice | ||
|
|
||
| ### Generate token | ||
|
|
||
| In our example, the Keycloak instance that supports Identity can be found via `http://localhost:18080`. | ||
| This may be different for you so please adjust the host name (and port if required) as appropriate. | ||
|
|
||
| To request a token we use the following cURL command replacing the placeholders with your applications | ||
| details. | ||
|
|
||
| ``` | ||
| curl --location --request POST 'http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/token' \ | ||
| --header 'Content-Type: application/x-www-form-urlencoded' \ | ||
| --data-urlencode 'client_id=[CLIENT_ID]' \ | ||
| --data-urlencode 'client_secret=[CLIENT_SECRET]' \ | ||
| --data-urlencode 'grant_type=client_credentials' | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters