- Introduction to the Access Token Controller REST API
Introduction to the Access Token Controller REST API (2024.09)
FlexNet Operations users call the access-token-controller REST web service to request an access token with a limited expiration from FlexNet Operations. The web service returns an access token which is a hexadecimal string with an rna_ prefix.
When firing requests to a FlexNet Operations API (REST or SOAP), this token must be added to the authentication header of the API request with the word Bearer followed by the token string.
The access token not only authenticates the requester but also defines the permissions of how the requester can use the API.
Access tokens can also be managed using the Producer Portal. For more information, see the topic Managing Access Tokens in the FlexNet Operations User Guide on the Revenera Documentation site.
Access Token Controller
A REST Controller for creating access tokens to be used as bearer authentication tokens for calling FlexNet Operations APIs (SOAP and REST). This REST web service also supports reading, updating, searching, rotating, and deleting tokens.
FlexNet Operations uses different token types to manage different access levels and operations:
- NORMAL tokens can be requested by any FlexNet Operations user to authenticate themselves at a FlexNet Operations API.
- IMPERSONATED tokens can be requested by a privileged user for use by other FlexNet Operations users.
To create and manage IMPERSONATED tokens, users require the Create Impersonated Token permission and a Manage Users permission.