How to use an Application Token for API authentication?

04.12.2020

Each time you want to use the emnify API, you need to authenticate. You can do so with your emnify credentials or with an Application Token which is more secure. Here are the steps:

  1. Create an Application Token on the EUI;
  2. Generate an Authentication Token based on the application token;
  3. Use the Authentication Token for all other API

1. Create an Application token on the emnify User interface 

  • Click on this symbol clip in the right corner of the EUI.
  • Select "Create New Application Token"
  • Save the application token in a secure place 

2. Generate an Authentication Token from Postman

You can use the Application Token to create an Authentication Token in Postman, which you will then use to run any other emnify API as explained here.

Once the application token is created, you can use it to generate an authentication token. Log in Postman, copy the application token as below and send the following API call. It will create an application token visible in the response body.

To automate authentication, you will have to create a variable with the authentication token from the response body. A new variable called: "Auth_Token" will be created. 

API Call

POST https://cdn.emnify.net/api/v1/authenticate

Headers

Content-Type: application/json

Body

First of all click on "Raw,

insert the body below :  

{

"application_token":"daDayJhbasaDADGciOiJIUzUxMiJ9.eyJlc2MuYXBwc2VjcmV0IjoiMDgyMmU1MzgtM2NhYi00ZTI1LTlmOTgtZTA2NjU1MzBjYzRkIiwic3ViIjoic3VjY2Vzc0BlbW5pZnkuY29tIiwiYXVkIjoiXC9hcGlcL3YxXC9hcHBsaWNhdGlvbl90b2tlbiIsImVzYy5hcHAiOjczOSNjLnVzZXIiOjE5NDgwMiwiZXNjLm9yZyI6MTU3MiwiZXNjLm9yZ05hbWUiOiJFTW5pZnkgR3Jvd3RoIFRlYW0iLCJpc3MiOiJzcGMtZnJvbnRlbmQxMDFAc3BjLWZyb250ZW5kIiwiZXhwIjoxNjA5NDU1NTk5LCJpYXQiOjE1MTAwNTkyODl9IUHHTbioPOIsZSzar"

}

Tests: 

var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("Auth_Token",jsonData.auth_token)

Response: status  200 OK

{

"auth_token":"UINiILhnHOIoiJIUzUxMiJ9.eyJhdWQiOiJcL2FwaVwvdjFcL2F1dGhlbnRpY2F0aW9uIiwiZXNjLmFwcCI6NzM5LCJlc2MudXNlciI6bnVsbCwiZXNjLm9yZyI6MTU3MiwiZXNjLm9yZ05hbWUiOiJFTW5pZnkgR554554454265FRlYW0iLCJpc3MiOiJzcGMtZnJvbnRlbmQxMDFAc3BjLWZyb250ZW5kIiwiZXhwIjoxNTEwMDczNzUzLCJpYXQiOjE1MTAwNTkzNTN9.nSAMOKzBeu33tS-ihdhuHiUIGFRTyGtTRFvytGF"

}

Note: Do not forget to save this request in order to refresh the authentication token for the following connections.

3. Use the Authentication Token for the following API requests

For demo purposes, we will integrate into the authentication token in the API call to GET the Endpoint Collection. The steps will be the following : 

  1. Send Authentication API with Application token to refresh authentication token (cf. above)
  2. Send the following API call to retrieve endpoint collection with the Auth token

API Call

GET https://cdn.emnify.net/api/v1/endpoint?page=1&per_page=20&sort=id

Headers

Content-Type: application/json

Authorization: Bearer

Response: status  200 OK


[
  {

    "id": 1,

    "name": "arduino01",

    "tags": "arduino, meter, temp",

    "created": "2014-08-01T08:47:00+00:00",

    "last_updated": "2016-02-29T14:02:47.000+0000",

    "status": {

      "id": 1,

      "description": "Disabled"

    },

    "service_profile": {

      "id": 1,

      "name": "Smart Meter"

    },

    "tariff_profile": {

      "id": 3,

      "name": "Domestic only"

    },

    "sim": {

      "id": 788,

      "iccid": "7368267365454773621",

      "imsi": "90199123565690",

      "msisdn": "+885637486456"

    },

    "imei": "8645454889321",

    "imei_lock": true,

    "ip_address": "10.288.23.75",

    "ip_address_space": {

      "id": 2

    },

]

From now on, you can use the emnify API library. Do not forget to integrate the authentication token for each of your API calls.
Image of Jean-Eudes Ambroise

Jean-Eudes Ambroise

Director of Customer Success at emnify, Jean-Eudes is an expert in IoT.

Related Posts

Image for post How to use Rest-API via Postman

How to use Rest-API via Postman

03.02.2021 –

You can use Postman as a powerful tool for testing and running EMnify’s Rest-API and perform operations in bulk.
Image for post Ultimate guide to update IoT Firmware with EMnify and Serverless on AWS

Ultimate guide to update IoT Firmware with EMnify and Serverless on AWS

29.04.2021 –

In the world of IoT device management, going Serverless takes care of most of the hassle of doing it yourself. How would you feel if your application could tell your tracking device to update when it would be the cheapest to do so? How about telling your device to send data less frequently when it is connected to a network with expensive data rates? I will show you how to do exactly that. In this post, I will explain how to manage your devices using the EMnify Data Streamer, AWS Kinesis and AWS Lambda.
Image for post How to send and receive SMS via the API?

How to send and receive SMS via the API?

04.12.2020 –

To submit SMS directly from your application to an endpoint using our API, the following API call needs to be made: POST https://cdn.emnify.net/api/v1/endpoint/{endpointId}/sms Required Headers: Content-Type: application/json Authorization: Bearer {auth_token} JSON Body: { "source_address": "12345", "payload": "This is the message text!" } To receive SMS on your application server from the device you will need to first set up a Callback URL in the Service profile assigned to that endpoint: Set the API URL on the "SMS" tab - select "RestAPI" on the drop-down menu for “Interface” Select the “configuration icon” next to “RestAPI”, input a purpose (name of your choosing) and the URL You can also set up a "Secret" (optional) The EMnify system will then send the MO SMS as a JSON payload if the destination address of the SMS is an invalid MSISDN (8 digits or less). A2P / P2P Routing Our system distinguishes A2P SMS (application-to-person) from P2P SMS (person-to-person) based on the length of the source (MO SMS) or the destination (MT SMS) address. If there are 8 digits or less (i.e. an invalid MSISDN), an SMS will be considered A2P. If there are 9 digits or more, an SMS will be processed as MSISDN and will be considered P2P. To dispatch SMS MO to your application (A2P) and at the same time have P2P SMS enabled, the destination number (dest_address) must be limited to 8 digits or less. A detailed description of the SMS API you can find in our API Documentation.