Changelog
Guides
Start typing to search…

Authentication

The KG platform is using OAuth2 to allow access to our APIs.

Get an OAuth2 Client or API key

To use the KG Platform API, you need an OAuth2 Client or an API key.

The client credentials or the API key of the GNTB will give you read access to all available data. The email address to contact the GNTB for OAuth2 Client credentials or an API key is [email protected]. Please provide your company name and the name and email address of a contact person.

Use the OAuth2 client or API key for API access

Once you have an OAuth2 client or an api key, you have two authentication options in the platform:

  1. OAuth2 (using a JWT Token) ⚠️ DEPRECATED! This authentication method will be shut down on April 28th, 2025.
  2. API key ( using an api key and the proxy server)

📘

Recommendation

For easier access to our platform API, we recommend developers to use Option 2

Option 1: using a JWT Token

📘

DEPRECATED

This authentication method will be shut down on April 28th, 2025!

In the OAuth2 client, you will see a client_id and client_secret information which can be used to generate a JWT token. This JWT access token can be used for further requests to KG Platform API until it expires.

Curl examples for how to generate JWT token and send requests to KG Platform API

Generate a JWT access token:

curl -s https://auth.opendatagermany.io/.com/auth/realms/onlim/protocol/openid-connect/token -d client_id=$YOUR_CLIENT_ID -d client_secret=$YOUR_CLIENT_SECRET -d grant_type=client_credentials -H content-type:application/x-www-form-urlencoded

Make a request against KG Platform API, for example:

curl -H "Authorization: Bearer $ACCESS_TOKEN" https://app.opendatagermany.io/api/cam/users/me

Option 2: using an API key and the proxy server

We also provide a Proxy service that allows clients to authenticate via their respective API keys.
The proxy service ensures a JWT token is generated and forwarded to the requested API endpoint for the provided API key.

To do so, you need to:

  1. replace in the API calls the subdomain "app" with "proxy"
  2. use the x-api-key header, instead of Authorization header

Example using both authentication options

Given the following API call to fetch the user's details using both authentication options.

Option 1: Using the JWT token

curl -H "Authorization: Bearer $ACCESS_TOKEN" https://app.opendatagermany.io/api/cam/users/me

Option 2: using the API key and proxy service

NOTE: for using the API key the subdomain is proxy.opendatagermany.io, instead of app.opendatagermany.io

curl -H "x-api-key: $API_KEY" https://proxy.opendatagermany.io/api/cam/users/me

Updated 26 days ago