Obtaining an Access Token from SAP Fieldglass Server

Describes how to obtain an access token from the SAP Fieldglass server.

Before your client application can access private data using an SAP Fieldglass REST API, it must request an access token from the SAP Fieldglass Authorization Server to grant access to the API. A single access token can grant varying degrees of access to multiple APIs.

After an application obtains an access token, it sends the token to an SAP Fieldglass REST API in an HTTP authorization header or as part of the request body.

The x-ApplicationKey header is optional for Connector, Identity (SCIM), and Reporting APIs. If you receive an error for not including an API Key, you can obtain the API Key in your SAP Fieldglass Configuration Manager account.

Obtain Token via Username/Password Credentials

To obtain the access token using username/password credentials, send a x-www-form-urlencoded HTTP GET request specific to the username/password credentials of an SAP Fieldglass user.

The following sample code illustrates how to obtain the access token with user/password credentials.

Obtain Token via SAML Authentication

The access token can also be retrieved using SAML authentication. The primary role of SAML in online security is that it enables you to access multiple Web applications using one set of login credentials.

The SAML assertion is POSTed to the OAuth token endpoint, which in turn processes the assertion and issues an access_token based upon prior approval of the application. The client doesn't need a client_secret to be passed to the token endpoint.

The following sample code illustrates how to use SAML to obtain the access token with SAML.