Authorization: ApiKey, Credentials or OAuth 2.0
The GeoPard solution is using AWS Cognito for the auth procedure.
We recommend checking all authorization options. The choice depends on the particular use case. More usage details are described in every option below.
Option 1: Using Credentials
Authorization with “username” and “password” is one of the possible approaches. In this case, email registration must be done (not using social networks).
The approach is recommended for integration on the API (BackEnd) level and all requests to GeoPard API are proxied via a dedicated special service (microservice).
Login request example:
Option 2: OAuth 2.0
AWS Cognito supports OAuth 2.0 protocol for authorization. The general overview is described in the article Cognito OAuth2 manual, the sub-article Authorization Code Grant is the most interesting in the GeoPard case.
The approach is recommended to integrate GeoPard at the UserInterface (FrontEnd) level. The integration works in both directions to send/receive data to/from GeoPard.
Keeping the story short:
Your application has to redirect a user to GeoPard Cognito for login or registration.
Example:
Please, connect with the GeoPard team to receive your application individual client_id
.
The redirected URL will receive a verification
code
for the next step.
The redirected URL looks like http://localhost:8080/?code=eb10956a-6d51-49e5-bbfe-9815e3fdc70a&state=54321
.
Your application has to exchange
code
fortokens
(access_token
,refresh_token
,id_token
).
Example:
Option 3: API Key
Quick access to WMS and WFS is necessary from time to time. Therefore, it is possible to use the GeoPard API key automatically generated for every account.
The API key can be found in the apiKey
attribute of the "UserData" GraphQL entity. Instructions on how to retrieve apiKey
are provided HERE.
apiKey
must be used with /geo
endpoints ONLY.
Usage:
As a
geopardApiKey
parameter in the GET request URL.As an
X-API-Key
header in ANY request.
Last updated