Rest API Execution Flow

The following diagram illustrates the execution flow, with a focus on authentication mechanism.

API Console

  1. The external application requests a token from the Cloud Authentication Service by sending the Client Id and Client Secret configured in the ConfigureAccess Point page to the URL For example:

    curl -k -d “grant_type=client_credentials&client_id=ClientCRM&client_secret=Hm5NeAVqYlgWxsU5a1AiNpzGggJjEcpd”

  2. The Cloud Authentication Service receives the request, generates a token, and returns that token to the external application.

  3. The application generates an API request with the token to the Cloud API. The token must be sent in the request header, in the following format: Authorization:[space]Bearer[space][token]. A sample request using CURL might appear as follows:

    curl -k -H “Authorization: Bearer FKhvHhGduAdPmEnDhqqYp35u8pZUchkH”

  4. The Cloud API forwards the token to the Cloud Authentication Service for validation.

  5. The Cloud Authentication Service validates the token.

  6. If authentication is verified (valid token), the Cloud API execute the operation requested by the external application.

  7. The external application receives the results of the API request.