Authentication tokens

Authentication tokens

How to get your access token.

The API is secured with OAuth2.0. To access the API, the developer must have a token. This means that he must be able to retrieve an access token. In order to retrieve an access token, the developer must first be registered on the authorization server.

This request must be made in advance to Mrs. Filoretta Velica at the following address xds@abrumet.be

The following preconditions will be required for any registration with Abrumet:

• An application
• A self-signed security certificate
• Installation of Brusafe + public safety certificates
• GlobalSign Root CA -
  • GlobalSign Domain Validation CA - SHA256 - G2 -
• *.qa.brusafe.be http://doc.brusafe.be/display/MQE/Certificates
• Ask a certificate to xds@abrumet.be

The following information should appear in the mail:

• The name of your application
• The url of your application
• The access request document complete
• The type of application
  • Mobile of Application

An email of approval will be sent to you a few days after your request.

How to recover the access token " Bearer"

Following the approval of your request, you will be able to recover your access token

1. Open your browser, and please go to the following address

https://auth.qa.brusafe.be/auth/realms/abrumet/protocol/openid-connect/auth?response_type=id_token%20token&client_id=<Application_Name>&redirect_uri=<Application_URL>&nonce=0

Please replace the following parameters:

• <Application_Name> = the name of your application provided in the access request
• <Application_URL> = the url of your application provided in the access request

It should be noted that we can use this url to have a bearer token. https://auth.qa.brusafe.be/auth/realms/abrumet/protocol/openid-connect/auth?response_type=id_token%20token&client_id=example-pablo-app&redirect_uri=http%3A%2F%2Flocalhost&nonce=0

1. When authentication is done, please copy the generated url. This will contain all the information needed to connect the various web services of the application Abrumet.

http://localhost/#id_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxSVF1ZzdJOG5uT2IzbWlNLWFtVDVQVTQ5ZHc4YmF5RW9DYWlxVWFMNVFzIn0.eyJqdGkiOiI3YjY4NDdhZC03ZjlkLTRhMzctYTlkOC1kZTM3NzAzNGZkNDkiLCJleHAiOjE1MDk2MzQyNTIsIm5iZiI6MCwiaWF0IjoxNTA5NjMwNjUyLCJpc3MiOiJodHRwczovL2F1dGgucWEuYnJ1c2FmZS5iZS9hdXRoL3JlYWxtcy9hYnJ1bWV0IiwiYXVkIjoiZXhhbXBsZS1wYWJsby1hcHAiLCJzdWIiOiIyMTJjMjdhOC0wNDQ0LTQ1YmYtYmEzMy0wY2JhM2E4YjE2ZGYiLCJ0eXAiOiJJRCIsImF6cCI6ImV4YW1wbGUtcGFibG8tYXBwIiwibm9uY2UiOiIwIiwiYXV0aF90aW1lIjoxNTA5NjMwNTkyLCJzZXNzaW9uX3N0YXRlIjoiYjdkOTEyMWQtZDZkNi00MTliLTlhZDYtNTRkZGNkZTNlZjc1IiwiYXRfaGFzaCI6InFyM3hFSm1YWHZWM2FVZXBKakhZQ2ciLCJhY3IiOiIwIiwibmFtZSI6IkZpbG9yZXR0YSBWZWxpY2EiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJmaWxvcmV0dGEudmVsaWNhQGFicnVtZXQuYmUiLCJnaXZlbl9uYW1lIjoiRmlsb3JldHRhIiwiZmFtaWx5X25hbWUiOiJWZWxpY2EiLCJlbWFpbCI6ImZpbG9yZXR0YS52ZWxpY2FAYWJydW1ldC5iZSJ9.OSOIKG7c0FPJtFqus-0vHAgS_5460l9qFznhJ0fFa3-qLpB8A8wXhvN2hm59xGGmRNpbJpLCNCLTamXmEQKSATCySr0PXH5ZaL3tb_zziJWnmRzvD40FG71ykA0_gkyDX3l4cBZpBgyI4OGg1a70byZdolTRud97Tj5ev7bKjkLSgys7x4cTJ0rQpqEdPw6jIavvoympwxclCDYmfiaMcoEPakdxiPecjcni6mhybPhC8meRC_lQKd60S5tj_dm9zzs3a6Yp1MaiIGdvQGnCOtft2E3y_tQld8MkSUeRKK8Jygh35-S_TGJiQDHl1hFphagJxtPsY0BMjv4SbvHGcQ&access_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxSVF1ZzdJOG5uT2IzbWlNLWFtVDVQVTQ5ZHc4YmF5RW9DYWlxVWFMNVFzIn0.eyJqdGkiOiI1Yjk1NjE2NC0zOGE0LTQyZmMtOTBiNC1kOWI1MTBkYWQ0MTciLCJleHAiOjE1MDk2MzQyNTIsIm5iZiI6MCwiaWF0IjoxNTA5NjMwNjUyLCJpc3MiOiJodHRwczovL2F1dGgucWEuYnJ1c2FmZS5iZS9hdXRoL3JlYWxtcy9hYnJ1bWV0IiwiYXVkIjoiZXhhbXBsZS1wYWJsby1hcHAiLCJzdWIiOiIyMTJjMjdhOC0wNDQ0LTQ1YmYtYmEzMy0wY2JhM2E4YjE2ZGYiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJleGFtcGxlLXBhYmxvLWFwcCIsIm5vbmNlIjoiMCIsImF1dGhfdGltZSI6MTUwOTYzMDU5Miwic2Vzc2lvbl9zdGF0ZSI6ImI3ZDkxMjFkLWQ2ZDYtNDE5Yi05YWQ2LTU0ZGRjZGUzZWY3NSIsImFjciI6IjAiLCJjbGllbnRfc2Vzc2lvbiI6IjJlMzE0OTJmLTVhZDUtNGU0ZC1hZjc2LTgyYjgzMjc1MTI3NyIsImFsbG93ZWQtb3JpZ2lucyI6W10sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJtZWRpY2FsIiwicGF0aWVudCIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsInZpZXctcHJvZmlsZSJdfX0sIm5hbWUiOiJGaWxvcmV0dGEgVmVsaWNhIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiZmlsb3JldHRhLnZlbGljYUBhYnJ1bWV0LmJlIiwiZ2l2ZW5fbmFtZSI6IkZpbG9yZXR0YSIsImZhbWlseV9uYW1lIjoiVmVsaWNhIiwiZW1haWwiOiJmaWxvcmV0dGEudmVsaWNhQGFicnVtZXQuYmUifQ.Zefut_namx11aRYsbWY0Ej27-p-ZPTR5hDYpVpDpQF2adcTUFrbTJj2h4us8Vgn42HD7qJym9WprGJgKM-kDPppdwJAu0FIPTN2dTbtL76Y72_euaKSLuAixqSisPVj4_JUZiBQ7Lgj0r1ZpTCG4ji7LIKGnjj_ACk1H1iA_72jbJUJeGRiFOEmOf46QqTfEpWuf7YSwMvtpVmI3iXC1eFXU8t6Ui4E1nslnUiTdSQsQXPVgMDktX3TrEIVO_QjzOdZqsFHVoMSi1IL6ZR338JPMgnm4g4VBaxzwFha40mMiA0MJrwitGTw8LmWP3WysROSCosefQSwAi4Pj1tI-Kw&token_type=bearer&session_state=b7d9121d-d6d6-419b-9ad6-54ddcde3ef75&expires_in=3600&not-before-policy=0

The "access_Token" parameter contains the Bearer ID. Each access request must therefore include an Authorization header with the Bearer authentication mechanism.

Par exemple,

Autorisation: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6I

How to recover the SAML Token using the swagger editor

The SAML will manage both the XML message format, called assertion, as well as the information needed for authentication and the exchange process between two major partners:

• Le SP (Service Provider), which protects access to requested resources (websites, applications etc.) by applying a security policy. For example, it blocks all access to an unauthenticated user and directs it to their identity provider.
• L'IdP (Identity Provider) responds to the request of the SP. It is responsible for authenticating the user and forging the response containing the information associated with the identity (group in general) and requested by the SP.

1. Open your browser and please go to the following address:

http://editor2.swagger.io/#!/

2.Click on "File" and select "Import URL"

3. Enter the following address in the dialog box that appears

https://auth.qa.brusafe.be/relation-api/swagger/swagger.json#/

4. Click on "Import"

5. The entire JSON code loads into the swagger editor .

6.     Edit line 16 and replace "localhost: 8080" with the following address "auth.qa.brusafe.be"

7.     Enter the bearer token in the dialog box that appears. Be careful, there must be a space between bearer and your token.

8.  Click on "Authenticate"

9.     Your Bearer Token is configured in order to appeal to different methods

10.  If you are a practitioner and your patient is not yet connected. Please do the steps:

• /medical/relation/request (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".

• /medical/relation/confirm (National Register Number of the patient is a precondition and the validation code). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".

Attention, any relation is valid 15 months. Beyond this date, a relationship request will have to be redone in the system.

• /medical/relation/assertion (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".

11.  If you are just a patient, go directly to the "/ patient / assertion" method. In the request options, select the protocol "https" as scheme and select an "Application / xml" format as return. Then click on "Send Request".

12.  If your Bearer Token is valid, a return code will be executed in the Swagger Editor.

You have just recovered the saml token using the Swagger Code Editor.