My username and password don't work for accessing the Mindsphere API's. How can I access the Mindsphere API's from outside Mindsphere?
Solution
MindSphere offers 2 different ways to authenticate requests to the MindSphere API.
1. Application Credentials (recommended)
Prerequisite:
- MindSphere Developer or Operator Tenant
Application Credentials consist of a client_id and a client_secret. Both can be requested from the Developer Cockpit's Authorization Management after the application has been created.
https://documentation.mindsphere.io/resources/html/developer-cockpit/en-US/124342226699.html
Those credentials can then be used to request an application access token from the Token Management Service.
https://developer.mindsphere.io/apis/exchange-tokenmanager/api-tokenmanager-overview.html
After an application that incorporates application credentials has been promoted to an Operator tenant, that application will then be assigned a new client ID and client secret. This new client ID and client secret can be used to acquire an application access token to access the MindSphere API's on the Operator tenant. After the application has been provisioned to an IOT Value Plan, the application can then acquire an application access token using the same client ID and client secret as it did with the Operator Tenant to access the MindSphere API's on any IOT Value Plan it's provisioned to. For more information on this process use the documentation links above.
2. Session Cookies (Recommended for Postman)
After logging in to a Mindsphere Tenant, the user receives a Session cookie which keeps the current browser session active. This cookie can be used for authenticating requests to our API and the Cookie and its value can be read out via the browser console (console can be opened with "F12"). The exact place where the cookie can then be found depends on the used browser:
Chrome: -> Application -> Cookies
Firefox: -> Storage -> Cookies
The cookie roles and scopes depend on the application from where the cookie was received. Example: The AssetManager combines all roles and scopes for the Asset Management API. A Cookie will have all those roles and scopes when using the Cookie from this application:
https://{{Tenant_Name}}-assetmanager.{{region}}.mindsphere.io
The same applies to every application which provides a cookie.
Useful session cookie links:
https://learning.getpostman.com/docs/postman/sending-api-requests/cookies/
Notes