Getting Started

Authentication and Authorization

Accessing the CNC NB API requires Authentication and Authorization. CNC uses a JWT based authentication which can be obtained using two-step process. Authorization of each API is controlled by API level access control as well as Role Based Access Control (RBAC) defined and configured in CNC.

Script Details

get_jwt() {
    # getting jwt to use in cnc api authentication is a two step process
    # Step 1. get the Ticket Granting Ticket (TGT)
    # Step 2. use the TGT to get the JWT
 
    # Step 1. invoke this url with the username,password in the post payload
    export CNC_API_TGT_URL="https://$CNC_HOST:$CNC_PORT/crosswork/sso/v1/tickets"
    response=$(curl $CURL_OPTS -X POST $CNC_API_TGT_URL \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -H 'Accept: text/plain' \
    -d "username=${CNC_USER}&password=${CNC_PASSWORD}" \
    )

    # Step 2: invoke the jwt url with the jwt and forwarding service url in the post payload
    export CNC_API_JWT_URL="https://$CNC_HOST:$CNC_PORT/crosswork/sso/v2/tickets/jwt"
    response=$(curl $CURL_OPTS -X POST $CNC_API_JWT_URL \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -d "tgt=$response&service=https://$CNC_HOST:$CNC_PORT/app-dashboard" \
    )
 
    # Step 3. only for example purpose. store it in ~/.cnc-jwt file
    echo $response > $CNC_JWT_FILE
 
}
get_jwt