authentication-services-colmena icon

authentication-services-colmena

1.0.x
(2 reviews)
This API implements the "Mule OAuth provider" component needed to generate and validate bearer-type tokens.

🏠 Home - 💻 authentication-services-colmena

This section describes the attributes and usage of the authentication-services-colmena service.

💂️ Base Information

  • API Title: authentication-services-colmena
  • Version: 1.0.0
  • Base URL: https://authentication-services-colmena-{env}.us-e1.cloudhub.io/Replace the environment segment with:
  • dev (Development)
  • qa (Quality Assurance)
  • prod (Production)

📍 Available Endpoints

MethodEndpointDescriptionExchange Link
POST/tokenGenerates a bearer token for authentication.View on Exchange
POST/validateTokenValidates an existing bearer token.View on Exchange

🔑 Authentication

Security Policies

The API implements two security policies:

  1. Client ID EnforcementRestricts access by validating the Client ID and Client Secret registered in Anypoint Platform.
  2. OAuth 2.0 Access Token EnforcementRequires an OAuth 2.0 access token issued through the Mule OAuth provider.

API Consumption Steps

Step 1: Obtain Connected App Credentials

To generate a bearer token, you need connected app credentials (client_id and client_secret). These can be obtained by:

  • Sending an email request to the security team.
  • Generating them directly in Anypoint Platform if you have necessary permissions.
Step 2: Request Access to the API

Once inside Anypoint Platform or Exchange:

  • Create or use an existing application to request access to the API.
  • Use the application credentials (client_id and client_secret) when making API requests.

> 📌 Note: Application credentials are different from connected app credentials. Using application credentials to generate a bearer token will result in an "invalid client" error.

🔒 Endpoint: Generate Bearer Token

POST /token

  • Description: Generates a bearer token for authentication.

Complete URL

https://authentication-services-colmena-dev.us-e1.cloudhub.io/token

HTTP Method

POST

Required Headers

client_id: YOUR_CONNECTED_APP_CLIENT_ID
client_secret: YOUR_CONNECTED_APP_CLIENT_SECRET
grant_type: CLIENT_CREDENTIALS

Authentication

Client ID enforcement and OAuth 2.0

Example Request

curl -X POST "https://authentication-services-colmena-dev.us-e1.cloudhub.io/token" \
-H "client_id: YOUR_CONNECTED_APP_CLIENT_ID" \
-H "client_secret: YOUR_CONNECTED_APP_CLIENT_SECRET" \
-H "grant_type: CLIENT_CREDENTIALS"

Example Response

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 3600
}

🔒 Endpoint: Validate Token

POST /validateToken

  • Description: Validates an existing bearer token.

Complete URL

https://authentication-services-colmena-dev.us-e1.cloudhub.io/validateToken

HTTP Method

POST

Required Headers

client_id: YOUR_APPLICATION_CLIENT_ID
client_secret: YOUR_APPLICATION_CLIENT_SECRET
Authorization: Bearer YOUR_ACCESS_TOKEN

Authentication

Client ID enforcement and OAuth 2.0

Example Request

curl -X POST "https://authentication-services-colmena-dev.us-e1.cloudhub.io/validateToken" \
-H "client_id: YOUR_APPLICATION_CLIENT_ID" \
-H "client_secret: YOUR_APPLICATION_CLIENT_SECRET" \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Step 4: Make API Requests

When calling an API, include the following headers:

  • client_id (from application credentials)
  • client_secret (from application credentials)

- Authorization: Bearer YOUR_ACCESS_TOKEN

⚠️ Error Codes

CodeDescriptionSuggested Solution
200OKRequest was successful
400Bad RequestCheck missing or invalid parameters
401UnauthorizedAuthentication failed
404Not FoundEndpoint or resource not found
500Internal Server ErrorUnexpected error on the server

📞 Support

For assistance, contact the Integration Services and Applications Coordination team. Email: epalma@fgs.co

📈 Architecture Diagram

Authentication API Architecture

📅 Additional Information

Reviews