Token
This is a sample of how to manage users' token via the IDaaS Administration API. To run this sample, you must have a valid IDaaS Administration API application in your IDaaS tenant. For more information, see the quick start guide.
caution
This sample is for demonstration purposes only. It is not intended for production use. In production, you should use a secure method to store the client secret and the application id.
Initialize the Administration API client
To perform user management operations, you must first initialize the Administration API client. The following code shows how to initialize the client.
- Java
- CSharp
- Python
import com.entrustdatacard.intellitrust.admin.ApiClient;
import com.entrustdatacard.intellitrust.admin.api.*;
import com.entrustdatacard.intellitrust.admin.model.*;
public class Main {
private static final String SHARED_SECRET = "YOUR_SHARED_SECRET";
private static final String HOST_NAME = "YOUR_HOST_NAME";
private static final String APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void main(String[] args) throws Exception {
ApiClient apiClient = new ApiClient();
apiClient.setBasePath(HOST_NAME);
AdminAuthApi adminAuthApi = new AdminAuthApi(apiClient);
AdminApiAuthentication authParams = new AdminApiAuthentication()
.applicationId(APPLICATION_ID)
.sharedSecret(SHARED_SECRET);
AdminApiAuthenticationResult authResult = adminAuthApi.authenticateAdminApiUsingPOST(authParams);
apiClient.setApiKey(authResult.getAuthToken());
}
}
using com.entrustdatacard.intellitrust.admin.api;
using com.entrustdatacard.intellitrust.admin.Client;
using com.entrustdatacard.intellitrust.admin.model;
namespace Samples
{
internal class AdminApiSample
{
private static readonly string SHARED_SECRET = "YOUR_SHARED_SECRET";
private static readonly string HOST_NAME = "YOUR_HOST_NAME";
private static readonly string APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void Main()
{
Configuration configuration = new Configuration();
configuration.BasePath = HOST_NAME;
AdminAuthApi adminAuthApi = new AdminAuthApi(configuration);
var authParams = new AdminApiAuthentication(APPLICATION_ID, false, SHARED_SECRET);
var authResult = adminAuthApi.AuthenticateAdminApiUsingPOST(authParams);
configuration.AddApiKey("Authorization", authResult.AuthToken);
}
}
from IntelliTrust_Python_Administration import ApiClient, Configuration
import IntelliTrust_Python_Administration.api as apis
import IntelliTrust_Python_Administration.models as models
conf = Configuration(
host = "YOUR_HOST_NAME",
)
with ApiClient(conf) as api_client:
admin_api = apis.AdminAuthApi(api_client)
auth_parms = models.AdminApiAuthentication(
application_id = "YOUR_APPLICATION_ID",
shared_secret = "YOUR_SHARED_SECRET",
)
auth_result = admin_api.authenticate_admin_api_using_post(auth_parms)
api_client.set_default_header("Authorization", auth_result.auth_token)
Create a Token
The following code shows how to create a token of the given type for the given user.
- Java
- CSharp
- Python
import com.entrustdatacard.intellitrust.admin.ApiClient;
import com.entrustdatacard.intellitrust.admin.api.*;
import com.entrustdatacard.intellitrust.admin.model.*;
import java.util.ArrayList;
import java.util.List;
public class Main {
private static final String SHARED_SECRET = "YOUR_SHARED_SECRET";
private static final String HOST_NAME = "YOUR_HOST_NAME";
private static final String APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void main(String args[]) throws Exception {
// initialize the API client with the IDaaS hostname
ApiClient apiClient = new ApiClient();
apiClient.setBasePath(HOST_NAME);
AdminAuthApi adminAuthApi = new AdminAuthApi(apiClient);
// make a request to authenticate to the admin API application in IDaaS
AdminApiAuthentication authParms =
new AdminApiAuthentication()
.applicationId(APPLICATION_ID)
.sharedSecret(SHARED_SECRET);
AdminApiAuthenticationResult authResult = adminAuthApi.authenticateAdminApiUsingPOST(authParms);
// after authenticating to IDaaS, set the auth token in the API client so that it is used to authenticate
// subsequent admin calls
apiClient.setApiKey(authResult.getAuthToken());
// Create TokensAPI
TokensApi tokensApi = new TokensApi(apiClient);
String userID = "b0bba595-6876-4758-8b77-b785e17aff76";
String tokenType = "ENTRUST_SOFT_TOKEN";
List<ActivateParms.TypeEnum> types = new ArrayList<>();
types.add(ActivateParms.TypeEnum.ONLINE);
ActivateParms activateParms = new ActivateParms()
.deliverActivationEmail(true)
.type(types);
TokenCreateParms tokenCreateParms = new TokenCreateParms()
.activateParms(activateParms);
// Create a token of the given type for the given user
Token token = tokensApi.createTokenUsingPOST(userID, tokenType, tokenCreateParms);
System.out.println(token);
}
}
using com.entrustdatacard.intellitrust.admin.api;
using com.entrustdatacard.intellitrust.admin.Client;
using com.entrustdatacard.intellitrust.admin.model;
namespace Samples
{
internal class AdminApiSample
{
private static readonly string SHARED_SECRET = "YOUR_SHARED_SECRET";
private static readonly string HOST_NAME = "YOUR_HOST_NAME";
private static readonly string APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void Main()
{
Configuration configuration = new Configuration();
configuration.BasePath = HOST_NAME;
AdminAuthApi adminAuthApi = new AdminAuthApi(configuration);
var authParams = new AdminApiAuthentication(APPLICATION_ID, false, SHARED_SECRET);
var authResult = adminAuthApi.AuthenticateAdminApiUsingPOST(authParams);
configuration.AddApiKey("Authorization", authResult.AuthToken);
var tokensApi = new TokensApi(configuration);
var userID = "b0bba595-6876-4758-8b77-b785e17aff76";
var tokenType = "ENTRUST_SOFT_TOKEN";
var types = new List<ActivateParms.TypeEnum>();
types.Add(ActivateParms.TypeEnum.ONLINE);
var activateParms = new ActivateParms(deliverActivationEmail: true, type: types);
var tokenCreateParms = new TokenCreateParms(activateParms: activateParms);
var token = tokensApi.CreateTokenUsingPOST(userID, tokenType, tokenCreateParms);
Console.WriteLine(token);
}
}
from IntelliTrust_Python_Administration import ApiClient, Configuration
import IntelliTrust_Python_Administration.models as models
import IntelliTrust_Python_Administration.api as apis
conf = Configuration(
host = "YOUR_HOST_NAME",
)
with ApiClient(conf) as api_client:
admin_api = apis.AdminAuthApi(api_client)
auth_parms = models.AdminApiAuthentication(
application_id = "YOUR_APPLICATION_ID",
shared_secret = "YOUR_SHARED_SECRET",
)
auth_result = admin_api.authenticate_admin_api_using_post(auth_parms)
api_client.set_default_header("Authorization", auth_result.auth_token)
tokens_api = apis.TokensApi(api_client)
user_id = "b0bba595-6876-4758-8b77-b785e17aff76"
token_type = "ENTRUST_SOFT_TOKEN"
types = [
'ONLINE',
]
activate_parms = models.ActivateParms(
deliver_activation_email = True,
type = types,
)
token_create_parms = models.TokenCreateParms(
activate_parms = activate_parms,
)
token = tokens_api.create_token_using_post(user_id, token_type, token_create_parms=token_create_parms)
Activate a Token
The following code shows how to activate a token.
- Java
- CSharp
- Python
import com.entrustdatacard.intellitrust.admin.ApiClient;
import com.entrustdatacard.intellitrust.admin.api.*;
import com.entrustdatacard.intellitrust.admin.model.*;
import java.awt.Desktop;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
public class Main {
private static final String SHARED_SECRET = "YOUR_SHARED_SECRET";
private static final String HOST_NAME = "YOUR_HOST_NAME";
private static final String APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void main(String args[]) throws Exception {
// initialize the API client with the IDaaS hostname
ApiClient apiClient = new ApiClient();
apiClient.setBasePath(HOST_NAME);
AdminAuthApi adminAuthApi = new AdminAuthApi(apiClient);
// make a request to authenticate to the admin API application in IDaaS
AdminApiAuthentication authParms =
new AdminApiAuthentication()
.applicationId(APPLICATION_ID)
.sharedSecret(SHARED_SECRET);
AdminApiAuthenticationResult authResult = adminAuthApi.authenticateAdminApiUsingPOST(authParms);
// after authenticating to IDaaS, set the auth token in the API client so that it is used to authenticate
// subsequent admin calls
apiClient.setApiKey(authResult.getAuthToken());
// Create TokensAPI
TokensApi tokensApi = new TokensApi(apiClient);
String userID = "b0bba595-6876-4758-8b77-b785e17aff76";
String tokenType = "ENTRUST_SOFT_TOKEN";
List<ActivateParms.TypeEnum> types = new ArrayList<>();
types.add(ActivateParms.TypeEnum.ONLINE);
ActivateParms activateParms = new ActivateParms()
.deliverActivationEmail(true)
.type(types);
TokenCreateParms tokenCreateParms = new TokenCreateParms()
.activateParms(activateParms);
// Create a token of the given type for the given user
Token token = tokensApi.createTokenUsingPOST(userID, tokenType, tokenCreateParms);
// Activate the token
activateParms = new ActivateParms()
.deliverActivationEmail(true)
.returnQRCode(true)
.type(types);
ActivateResult activateResult = tokensApi.startActivateTokenUsingPOST(token.getId(), activateParms);
// Base64 decode the QR code
byte[] decodedQRCode = Base64.getDecoder().decode(activateResult.getActivationQRCode());
// Save the QR code to a file
Files.write(Paths.get("qrcode.png"), decodedQRCode);
// Open the QR code file
Desktop.getDesktop().open(new File("qrcode.png"));
System.out.println("Scan the QR Code with your Entrust Identity and input the activation code below");
System.out.println("Activation Code: " + activateResult.getActivationPassword());
}
}
using com.entrustdatacard.intellitrust.admin.api;
using com.entrustdatacard.intellitrust.admin.Client;
using com.entrustdatacard.intellitrust.admin.model;
namespace Samples
{
internal class AdminApiSample
{
private static readonly string SHARED_SECRET = "YOUR_SHARED_SECRET";
private static readonly string HOST_NAME = "YOUR_HOST_NAME";
private static readonly string APPLICATION_ID = "YOUR_APPLICATION_ID";
public static void Main()
{
Configuration configuration = new Configuration();
configuration.BasePath = HOST_NAME;
AdminAuthApi adminAuthApi = new AdminAuthApi(configuration);
var authParams = new AdminApiAuthentication(APPLICATION_ID, false, SHARED_SECRET);
var authResult = adminAuthApi.AuthenticateAdminApiUsingPOST(authParams);
configuration.AddApiKey("Authorization", authResult.AuthToken);
var tokensApi = new TokensApi(configuration);
var userId = "b0bba595-6876-4758-8b77-b785e17aff76";
var tokenType = "ENTRUST_SOFT_TOKEN";
var types = new List<ActivateParms.TypeEnum>();
types.Add(ActivateParms.TypeEnum.ONLINE);
var activateParms = new ActivateParms(deliverActivationEmail: true, type: types);
var tokenCreateParms = new TokenCreateParms(activateParms: activateParms);
var token = tokensApi.CreateTokenUsingPOST(userID, tokenType, tokenCreateParms);
Console.WriteLine("Token ID: " + token.Id);
Console.WriteLine("Token Type: " + token.Type);
Console.WriteLine("Token State: " + token.State);
activateParms = new ActivateParms(deliverActivationEmail: true, returnQRCode: true, type: types);
var activateResult = tokensApi.StartActivateTokenUsingPOST(token.Id, activateParms);
var decodedQRCode = Convert.FromBase64String(activateResult.ActivationQRCode);
File.WriteAllBytes("qrcode.png", decodedQRCode);
Console.WriteLine("Scan the QR Code with your Entrust Identity and input the activation code below");
Console.WriteLine("Activation Code: " + activateResult.ActivationPassword);
}
}
from IntelliTrust_Python_Administration import ApiClient, Configuration
import IntelliTrust_Python_Administration.models as models
import IntelliTrust_Python_Administration.api as apis
conf = Configuration(
host = "YOUR_HOST_NAME",
)
with ApiClient(conf) as api_client:
admin_api = apis.AdminAuthApi(api_client)
auth_parms = models.AdminApiAuthentication(
application_id = "YOUR_APPLICATION_ID",
shared_secret = "YOUR_SHARED_SECRET",
)
auth_result = admin_api.authenticate_admin_api_using_post(auth_parms)
api_client.set_default_header("Authorization", auth_result.auth_token)
tokens_api = apis.TokensApi(api_client)
user_id = "b0bba595-6876-4758-8b77-b785e17aff76"
token_type = "ENTRUST_SOFT_TOKEN"
types = [
'ONLINE',
]
activate_parms = models.ActivateParms(
deliver_activation_email = True,
type = types,
)
token_create_parms = models.TokenCreateParms(
activate_parms = activate_parms,
)
token = tokens_api.create_token_using_post(user_id, token_type, token_create_parms=token_create_parms)
print("Token Serial Number: " + token.serial_number)
print("Token State: " + token.state)
activate_parms = models.ActivateParms(
deliver_activation_email = True,
return_qr_code = True,
type = types,
)
activate_result = tokens_api.start_activate_token_using_post(token.id, activate_parms=activate_parms)
import base64
decoded_qr_code = base64.b64decode(activate_result.activation_qr_code)
with open("qr_code.png", "wb") as f:
f.write(decoded_qr_code)
import webbrowser
import os
webbrowser.open("file://" + os.path.realpath("qr_code.png"))
print("Scan the QR Code with your Entrust Identity and input the activation code below")
print("Activation Code: " + activate_result.activation_password)