Get your service configuration:
- In CF from VCAP_SERVICES environment variable
- In K8s/Kyma from configuration secrets
The documentation assumes the utility curl and awk to be installed (Mac OS: brew install curl, Ubuntu: sudo apt-get install curl). Alternatively, use Postman Rest Client.
Using X.509 Client Certificate
-
Store the
certificateandkeyfrom your service configuration in separate files in PEM format.❗ In case you experience invalid PEM file errors, \n characters might have to be replaced by newlines \n to have the PEM in the correct format.
awk '{gsub(/\\n/,"\n")}1' <file>.pem
-
Fetch the token using:
curl command
❗Replace the
<<>>placeholders with the values from the service configuration.curl --cert certificate.pem --key key.pem -XPOST <<credentials.url>>/oauth2/token \ -d 'grant_type=password&client_id=<<credentials.clientid>>&username=<<your ias user>>&password=<<your ias password>>'
Postman
- In Postman navigate to Settings -> Certificates, click on "Add Certificate" and provide the certificate and key
PEMfiles and host name.
- Import Postman Collection. For more info on how to import it in the Postman see learning.postman.com
- Fill in the corresponding ias_* Postman variables
- Open the 'IAS Token | pswd grant' Postman Collection and send the request
- In Postman navigate to Settings -> Certificates, click on "Add Certificate" and provide the certificate and key
Using Client Credentials
-
Fetch the token using:
curl command
❗Replace the
<<>>placeholders with the values from the service configuration.curl -XPOST -u '<<credentials.clientid>>:<<credentials.clientsecret>>' https://<<credentials.url>>/oauth2/token \ -d 'grant_type=password&username=<<your ias user>>&password=<<your ias password>>'
Postman
- Import Postman Collection. For more info how to import it in Postman see learning.postman.com
- Fill in the corresponding ias_* Postman variables
- Open the 'Ias Token | pswd grant' Postman Collection and send the request
Using X.509 Client Certificate
- Store the
certificateandkeyfrom your service configuration in separate files in PEM format.
❗ In case you experience invalid PEM file errors, \n characters might have to be replaced by newlines \n to have the PEM in the correct format.
awk '{gsub(/\\n/,"\n")}1' <file>.pem
-
Fetch the token using:
curl command
❗Replace the
<<>>placeholders with the values from the service configuration.curl --cert certificate.pem --key key.pem -XPOST <<credentials.certurl>>/oauth/token \ -d 'grant_type=password&client_id=<<credentials.clientid>>&username=<<your xsuaa username>>&password=<<your xsuaa password>>'
Postman
- In Postman navigate to Settings -> Certificates, click on "Add Certificate" and provide the certificate and key
PEMfiles and host name. - Import Postman Collection. For more info on how to import it in the Postman see learning.postman.com
- Fill in the corresponding xsuaa_* Postman variables
- Open the 'Xsuaa Token | pswd grant mTLS' Postman Collection and send the request
- In Postman navigate to Settings -> Certificates, click on "Add Certificate" and provide the certificate and key
Using Client Credentials
-
Fetch the token using:
curl command
❗Replace the
<<>>placeholders with the values from the service configuration.curl -X POST <<credentials.url>>/oauth/token \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'client_id=<<credentials.clientid>>&client_secret=<<credentials.clientsecret>>&grant_type=password&username=<<your xsuaa username>>&password=<<your xsuaa password>>'Postman
- Import Postman Collection. For more info how to import it in Postman see learning.postman.com
- Fill in the corresponding xsuaa_* Postman variables
- Open the 'Xsuaa Token | pswd grant' Postman Collection and send the request