Authentication is a critical first step when working with the OpCon API. It ensures that only authorized users and applications can interact with the system. There are two primary methods for obtaining an authentication token:
1. Via Solution Manager (Web Interface)
2. Via API Call (Programmatic Access)
1. Authentication via Solution Manager
This method is ideal for users who prefer a graphical interface and need a quick way to generate a token for testing or manual API calls.
Steps:
- Log into Solution Manager.
- Navigate to your User Profile.
- Click on 'External Token'.
- Click 'Generate Token'.
Copy the token and use it in your API requests.
Note: If you do not see the 'External Token' option, check your user permissions or OpCon version.
2. Authentication via API Call
This method is suitable for automation and scripting. You can generate both user and application tokens programmatically.
Example PowerShell Script to Generate a User Token:
$url = "https://<your-opcon-server>/tokens"
$body = @{
username = "your_username"
password = "your_password"
type = "user"
} | ConvertTo-Json
$headers = @{ "Content-Type" = "application/json" }
$response = Invoke-RestMethod -Uri $url -Method Post -Body $body -Headers $headers
$token = "Token " + $response.id
Note: Replace <your-opcon-server>, username, and password with actual values.
Using the Token in API Requests
Once you have a token, include it in the Authorization header of your API requests.
Example Header:
Authorization: Token <your-token-value>
Token Types
- User Tokens: Expire after a short duration (e.g., 20 minutes).
- Application Tokens: Do not expire and are suitable for long-running integrations.
Common Pitfalls
- Forgetting to prefix the token with 'Token '.
- Using expired user tokens.
- Missing permissions to generate or use tokens.