Authentication
The KG platform is using OAuth2 to allow access to our APIs.
Get an OAuth2 Client or API key
To use the KG Platform API, you need an OAuth2 Client or an API key.
The client credentials or the API key of the GNTB will give you read access to all available data. The email address to contact the GNTB for OAuth2 Client credentials or an API key is [email protected]. Please provide your company name and the name and email address of a contact person.
Use the OAuth2 client or API key for API access
Once you have an OAuth2 client or an api key, you have two authentication options in the platform:
- OAuth2 (using a JWT Token)
- API key ( using an api key and the proxy server)
Recommendation
For easier access to our platform API, we recommend developers to use Option 2
Option 1: using a JWT Token
In the OAuth2 client, you will see a client_id and client_secret information which can be used to generate a JWT token. This JWT access token can be used for further requests to KG Platform API until it expires.
Curl examples for how to generate JWT token and send requests to KG Platform API
Generate a JWT access token:
curl -s https://auth.opendatagermany.io/.com/auth/realms/onlim/protocol/openid-connect/token -d client_id=$YOUR_CLIENT_ID -d client_secret=$YOUR_CLIENT_SECRET -d grant_type=client_credentials -H content-type:application/x-www-form-urlencoded
Make a request against KG Platform API, for example:
curl -H "Authorization: Bearer $ACCESS_TOKEN" https://app.opendatagermany.io/api/cam/users/me
Option 2: using an API key and the proxy server
We also provide a Proxy service that allows clients to authenticate via their respective API keys.
The proxy service ensures a JWT token is generated and forwarded to the requested API endpoint for the provided API key.
To do so, you need to:
- replace in the API calls the subdomain "app" with "proxy"
- use the x-api-key header, instead of Authorization header
Example using both authentication options
Given the following API call to fetch the user's details using both authentication options.
Option 1: Using the JWT token
curl -H "Authorization: Bearer $ACCESS_TOKEN" https://app.opendatagermany.io/api/cam/users/me
Option 2: using the API key and proxy service
NOTE: for using the API key the subdomain is proxy.opendatagermany.io, instead of app.opendatagermany.io
curl -H "x-api-key: $API_KEY" https://proxy.opendatagermany.io/api/cam/users/me
Updated almost 2 years ago