An OAuth2 client follows a standard protocol and can be used to obtain a Suite Auth access token for authentication of your application when using Bosch IoT Suite API endpoints.
The OAuth2 clients UI feature allows to create, list, filter, view, and manage OAuth2 clients, use them to create access tokens, as well as act as an application.
Create new OAuth2 client
To create an OAuth2 client, navigate to OAuth2 clients from the left sidebar, or search for it in Services and features and if needed, use the star icon to pin it to the left navigation.
Click the + icon in the top right to open a dialog where you can enter the required data.
In particular, you have to enter:
Name - an arbitrary name for this new OAuth2 client
Client secret - at least 8 characters long
Organization scopes - select only one organization scope to specify which role of the related organization gets access by this OAuth2 client
Service scopes - select one or more service scopes to define which service instances will be accessible by this OAuth2 client
Custom Insights scopes - click the + icon to open a dialog where you can select a Bosch IoT Insights project and define a role which can access it
Then confirm with Save.
List and filter existing OAuth2 clients
A list of the OAuth2 clients which you have created will be displayed on the main view of the OAuth2 Clients UI feature.
You can filter through your OAuth2 clients using the search bar.
View OAuth2 client information
When you select an OAuth2 client on the list, its details will appear on the right.
In particular, you will be able to see its:
Client secret - you can view it via the Show button
Client ID - automatically assigned by the system, you can copy it via the copy icon at the end of it
Custom Insights scopes - in case such have been added for this client
Manage the OAuth2 client
Click the actions icon on the top right to open a dialog with the available management actions:
Act as application - you can act as an application using the token of the OAuth2 client to test your work. An example is provided here.
Edit - allows you to change the initial settings such as name, secret, organization scopes and service scopes
Use access token - you can use your OAuth2 client to create an access token for service API requests. See details below.
Delete - you will be asked for confirmation before you actually delete the specified client
Use access token
By clicking this action, you can obtain a test access token, along with examples of how to fetch an access token for your client, and how to use the obtained access token to access a Bosch IoT Suite service API.
Test access token
You can use the test token to test an API call manually, however, do not use it in your application configuration, as it is set to expire in 720 minutes.
Fetch access token examples
You will find various examples of how to fetch an access token for your client.
The response body will contain the access token, which can then be used in the Authorization HTTP header for subsequent API calls, and some additional meta information such as expiration time, actually granted scopes, and the token type.
Use Service API examples
You will find cURL and Spring examples of how to use the obtained access token to access a Bosch IoT Suite Service API.
Token details via User view
The User dialog in the header bar also displays information about your currently used OAuth2 token, namely its ID, its expiry and Refresh token.
From there you can also start to Act as application.