- 3 minutes to read
- Print
- DarkLight
- PDF
Default request usage
- 3 minutes to read
- Print
- DarkLight
- PDF
Each request in the A2A WebService must have the OAuth Consumer Key and the OAuth Token of the client. In this way, each request URI is similar to the example below:
https://senhasegura/iso/*MODULE*/*FUNCTION*
- MODULE: senhasegura WebService A2A function module
- FUNCTION: Module function
From this point ahead, you must choose which authentication method you will use.
OAuth v1.0 authentication
Requirements
- Previously registered application using OAuth v1.0 as authentication method
- Previously registered application authorization
Consumer keys and tokens
In order to initiate requests using OAuth 1.0, the following information must be provided:
- consumer_key
- consumer_secret
- token_key
- token_secret
To find that information, follow these steps:
- Access the A2A module.
- Click on Applications.
- In the Action column of the desired application, click on ☰ .
- Copy the following parameters.
- consumer_key
- consumer_secret
- token_key
- Token_secret
- Close the window,
Making a request using OAuth 1.0
There are numerous ways to make an authentication request using OAuth 1.0. In the following example, Python is being used to demonstrate it. Use the following script:
import requests
import urllib3
from requests_oauthlib import OAuth1
def make_oauth1_request():
url = "https://<SENHASEGURA_HOSTNAME>/<ENDPOINT>"
consumer_key = "CONSUMER_KEY"
consumer_secret = "CONSUMER_SECRET"
token_key = "TOKEN_KEY"
token_secret = "TOKEN_SECRET"
oauth = OAuth1(consumer_key, consumer_secret, token_key, token_secret)
try:
response = requests.get(url, auth=oauth, verify=False)
if response.status_code == 200:
print("Request was successful!")
print("Response:")
print(response.text)
else:
print("Request failed with status code:", response.status_code)
except requests.exceptions.RequestException as e:
print("An error occurred:", e)
if __name__ == "__main__":
urllib3.disable_warnings()
make_oauth1_request()
Parameters
Parameters | Description |
oauth_signature* | It is a string of unique characters that act as a signature for a request. For more information, go to the documentation for creating the signature. |
oauth_version* | Make sure you set the version value to 1.0. |
oauth_signature_method* | Make sure you set the signature method to HMAC-SHA1. |
oauth_consumer_key* | Use the consumer_key value, previously obtained in the Consumer and Token section |
oauth_token* | Use the token_key value, previously obtained in the Consumer and Token section. |
oauth_consumer_secret* | Use the consumer_secret value, previously obtained in the Consumer and Token section |
oauth_token_secret* | Use the token_secret value, previously obtained in the Consumer and Token section |
oauth_nonce | It’s a unique and random value generated by the client for each request. |
oauth_timestamp | It's the number of seconds since January 1, 1970 00:00:00 GMT, responsible for generating a date signature. |
OAuth v2.0 Authentication
When using OAuth v2.0 authentication, renew the authorization token when it expires. By default, senhasegura creates a token valid for 24 hours.
1. Request a new token for the A2A WebService using the following URI:
POST https://senhasegura/iso/oauth2/token
2. Enter the grant_type, client_id and client_secret values in the requisition body.
- grant_type: the entered value must always be "client_credentials".
- client_id: value informed by senhasegura.
- client_secret: value informed by senhasegura.
You obtain the values to inform in the client_id and client_secret through the menu A2A → Authorizations for the application when clicking on the key icon to visualize the authorization.Client ID viewscreen

3. Your request should look similar to the template below:
{
grant_type: "client_credentials"
client_id: "765299ec425cf0255badc739c2dce1b10634973e1"
client_secret: "f13aeddeb57f262835871dab5d839b70"
}
4. After adding the values, your application will receive a JSON dictionary similar to the following example:
{
"token_type": "Bearer",
"expires_in": 3600,
"access_token": "
eyJ0eXAiOiJKV1QiL0IjoxNTgwNDM2NTk4LCJuYmYiOjE1ODA0MzY1OTgsImV4cCI
6MTU4MDQ0MDE5OCwic3ViIjoiTVRNeE1qQWtTRGRPUVRWV1ozcEVSI6Ijg0OWYw
ZmVhNDI0ZDc5NWUwYTg2MjVlMTdiZWE2YTAyNTQyMzAxNjQzYmRmYTc5ZjYzZDN
hM2U3ZmI5ZjQzbGCJhjg0OWYwZmVhNDI0ZDc5NWUwYTg2MjVlMTdiZWE2YTAyNT
QyMzAxNjQzYmRmYTc5ZjYzZDNhM2U3ZmI5ZjQzYmM2MjRhYzg5YmVhMzFhOGQwI
iwiaWFciOiJSUzI1NiIsImp0ahYzg5YmVhMzFhOGQwIn0.eyJhdWQiOiIzY2E4Y
Tk4ZDkwNzU0MzgxMjMzNGY3ZjVkYmFmY2E2NTA1ZTMzMTlmYiIsImp0aSI6IYmM
2MjRTRzB6ZFZONlZXVXhhVWN2Y1RKdFRXNTVhM05sZGtOd1JHeHllbXR5VEV3eE
5EMD0iLCJzY29wZXMiOltdfQ.efqHZdlij6sQcj_l9RbNNKxDbf81CbIoTFwdIk
ooT5bK14N5iUazrT8jpB_JsgQdQ8RyD5xF_ReKSj4Al7hp1uRXIiuErlKv1FpxY
9oNC44kldlumjyevu87GJ0qzem0RYNc3930UbT-XEYqnQijg0se8_GdzdLkxyMn
0kxApkAkv-to9EUdbbrvvno_pmqiZGyamw6J2BL1aCqwne3S8CCG34TXRyJyqkG
rPrDO-NPi2fj25PRbX8Ci1iIqXdYvEkefg-g-i0A_Hp9E3s585c5wqxreSBAIwi
aGtnTkxw0D14JPzqWf48hbvVRPGMj_-KXJTnu-zXkkEPNYs8oWpA"
}
5. Reserve the access_token. It must be used on every next method call.
GET https://senhasegura/iso/oauth2/token
6. Fill the Authorization request header with the token_type and value of the access_token.
Authorization: Bearer {{token}}
7. After including a valid token in the header, the new API call is duly answered by senhasegura.
The available PAM methods are listed here.
It is possible to link an SSL certificate fingerprint to a customer's authorization WebService A2A. If linked, the senhasegura will validate the CA of the client's SSL certificate with each request as an additional authentication step.
The certificate does not invalidate or replace validation using OAuth methods.
See section 2.3 "Client Authentication" in RFC 6749 for a better understanding of the OAuth 2.0 protocol. You can also refer to section 7.1 "Access Token Types" for more details.