Authentication

Obtaining Credentials

Partners should work with their Cisco Partner Team to request a Smart Bonding connection. Credentials will be provided by Cisco Smart Bonding team during implementation.

Generating an Access Token

The Smart Bonding API allows access only for authorized users. Each REST API request must include an HTTP Authorization header with Bearer access token:

Authentication Header:

The authentication request header needs to be formatted as such: 

Content-Type : application/x-www-form-urlencoded

Okta Header

Note: All operations must communicate over a secure HTTPS connection.

Authentication URL:

To generate access tokens, the Smart Bonding API uses the OAuth2 Client Credentials flow.

Tokens are valid for one hour. Re-authentication is necessary after expiration to successfully send API Calls.

The Cisco authentication token endpoints are:

Stage

https://int-id.cisco.com/oauth2/default/v1/token?grant_type=client_credentials

Prod

https://id.cisco.com/oauth2/default/v1/token?grant_type=client_credentials

with query parameters:

  • grant_type: client_credentials
  • client_id: your integration's client_id
  • client_secret: your integration's client_secret

Authentication Option 1 - credentials as parameters

Use the client_id and client_secret as parameters in the message header / URL

Example Token Request

POST int-id.cisco.com/oauth2/default/v1/token?grant_type=client_credentials&client_id={{client_id}}&client_secret={{client_secret}}

Okta Authentication Option1

Note: No body should be provided in the request.

Below is example response:

{ 
  "access_token": "7SrHBrYi...Zvr94Un", 
  "token_type": "Bearer”, 
  "expires_in": 3599 
}

Authentication Option 2 - credentials in request body

Use your new client_id and client_secret in the message body

Body: {"grant_type":"client_credentials", "client_id":"", "client_secret":""}

Okta Authentication Option1

CURL Test

If a curl test is required, then the following command is correct to request a token:

curl -d "grant_type=client_credentials" -X POST "https://id.cisco.com/oauth2/default/v1/token?grant_type=client_credentials&client_id=<client_id>&client_secret=<client_secret>"

Making an API Request

The access token can then be provided in an Authorization: Bearer header when making requests:

Example Request

GET /sb-partner-oauth-proxy-api/rest/v1/pull/call
Authorization: Bearer rqrbLD9xL...ES8XIN3u