5.2 Calling the API from the documentation

The Swagger-based documentation for the API allows you to try the methods from within the documentation itself, once you have configured the server for the appropriate method of authentication.

5.2.1 Calling the API from the documentation using server-to-server authentication

Once you have configured the web server for server-to-server authentication, you can also use the client ID and shared secret to authenticate to the server to access the API features from the Swagger-based API documentation:

  1. Open the API documentation in a browser.

    See section 2.1, Accessing the API documentation for details.

  2. Click Authorize.

    The Available authorizations screen appears.

  3. In the oauth2 (OAuth2, clientCredentials) section, enter the following:

    • client_id – your client ID; for example, myid.mysystem.

    • client_secret – your client secret; for example:

      82564d6e-c4a6-4f64-a6d4-cac43781c67c

      Note: Do not use the combined client ID and Base64 version of the client secret.

    • Scopes – select the myid.rest.basic option.

  4. Click Authorize.

  5. Click Close.

5.2.2 Calling the API from the documentation using end-user authentication

You can use end-user authentication to access the API from within the documentation.

  1. Edit the appsettings.json file for the web.oauth2 web service to include the Swagger callback URL.

    1. Open the appsettings.json file in a text editor.

      By default, this is:

      C:\Program Files\Intercede\MyID\web.oauth2\appsettings.json

      Note: If you have an appsettings.Production.json file, use that instead. This is the override configuration file for the appsettings.json file for the web service.

    2. In the Clients section, under the myid.operatorclient settings, add the following to the RedirectUris array:

      https://<server>/rest.core/swagger/oauth2-redirect.html

      where <server> is the name of your MyID authentication. For example:

      "RedirectUris": [
      "https://react.domain31.local/MyID/OperatorClient",
      "https://react.domain31.local/rest.core/swagger/oauth2-redirect.html"
      ]

  2. Click Authorize.

  3. The Available authorizations screen appears.

  4. Scroll to the oauth2 (OAuth2, authorizationCode) section, and enter the following:

    • client_id – enter myid.operatorclient.

      If you have set up your own system to use end-user authentication, you can use this client ID instead.

    • Scopes – select the myid.rest.basic option.

  5. Click Authorize.

  6. Complete the authentication using your method of choice; for example, security questions or smart card.

    Note: You may need to ensure that the MyID Client Service is running on your PC.

  7. Click Close.