Requesting Dell Identity JSON web token
Mon, 12 Feb 2024 20:19:09 -0000
|Read Time: 0 minutes
This blog will cover how to get Dell Identity JSON web token for access APEX Job Management APIs and other APIs.
Before you begin
1. Retrieve your APEX API access key and secret at the “Creating & Managing Dell APEX API access key Id and secret” blog.
2. IDP details.
Request Dell Identity JSON Web token
1. Curl
Follow these steps:
a. Request and save the SAML token from your company IDP.
b. Using the following curl command to request Dell Identity JSON web token,
curl --location --request GET curl -X POST -H "Authorization: <Base64-encoded(<Apex_accesss_key_id>:<Apex_access_secret>)>" -H "Content-Type: application/x-www-form-urlencoded" --data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:token-exchange' --data-urlencode 'subject_token_type=urn:ietf:params:oauth:token-type:saml2' --data-urlencode "subject_token=<IDP_TOKEN>"
Please use the web token URL: https://www.dell.com/di/v3/fp/oauth/token.
2. Script
Follow these steps:
a. Download the script file from here. This script uses Okta as IDP.
b. Install dependencies
The Requirements.txt file contains a list of dependencies. Please run the following command to install the dependencies using the requirements.txt file.
pip install -r requirements.txt
c. Update config.json
Sample steps for retrieving SAMP and login endpoints”
i. Log into Okta.
ii. In the config.json file, update the login_endpoint value with SSL application URL.
iii. Execute following command.
curl -v -L https://{login_endpoint} 2>&1 > /dev/null | grep GET
For example:
curl -v -L https://foo.okta.com/home/foo_application1/0abc123/xyz789 2>&1 > /dev/null | grep GET
> GET /home/foo_application1/abc123/xyz789 HTTP/2
> GET /app/ foo_application1/f111aaa/sso/saml HTTP/2
iv. From the example above, copy the URL which has the “sso” key word, and construct a complete url using an Okta host name and update the saml_endpoint on config.json.
"okta": {
"login_endpoint": "https://foo.okta.com/home/foo_application1/0abc123/xyz789",
"saml_endpoint": " https://foo.okta.com/app/foo_application1/f111aaa/sso/saml”
}
v. Save the config.json file.
d. Execute the script.
i. Run the saml_get_token.py.
ii. Select the desired IDP.
iii. Enter the credentials for your IDP.
iv. Enter the APEX API access key & secret.
You will receive a Dell Identity token, with a TTL of 30 minutes.
This Dell Identity (DI) token can be used to make REST API calls to the APEX public APIs.
Author: Ratnesh Yadav