Basic authentication

For requesting the RESTful services directly with a REST client, authentication must be ensured. Therefore, the Basic Authentication is used:

Within the header of an HTTP request, the Authorization field must be set.

Therefore, the credentials of the API user must be encoded with Base64 and need to be included like this: Authorization: Basic base64(User:Password).

The following example shows an authorization header for the credentials foo:bar.

OAuth via Azure Active Directory

You can use an OAuth bearer token provided by Microsoft Azure AD to access the Bosch IoT Insights API.

The API requires a token for the scope of Bosch IoT Insights: api://bosch-iot-insights-prod/access

To request a token with this scope, you need an App Registration in the Bosch Tenant of Azure Active Directory. Your App needs to be authorized to request the scope of Bosch IoT Insights. You can request an authorization by the Bosch IoT Insights support by providing your Client ID.

There are different possibilities to acquire a token, e.g.:

• Auth Code Flow

• User On Behalf flow

The resulting JWT will have a payload as follows:

0ae51e19-07c8-4e4b-bb6d-648ee58410f4 refers to the Bosch tenant ID, and a9812fa5-5f4f-45d1-940f-c60e80e26178 is the application ID of insights-api-prod.

OAuth via Custom IDP

You can configure a custom identity provider (IDP) within your project to access project specific REST APIs.

See: Custom Identity Provider (IDP) Authentication