Skip to content

Technical Users

"Settings" allows you to create and manage technical users for your Insights Hub environment. They can be used for accessing Insights Hub APIs, similar to App Credentials. You can create a maximum of 10 technical users within the "Settings" application.

Prerequisite

Only users with the TenantAdmin role can create and manage technical users.

User interface

The following screenshot shows the "Technical Users" screen. The "Technical Users" tab can be accessed from the left navigation. Technical User Details

① Creates a new technical user
② Shows the assigned roles of the technical user
③ Edits the description of the technical user
④ Deletes the technical user
⑤ Edits the assigned roles of the technical user


Once you have created a technical user, the following screen with the technical user details is shown. The password will disappear if you refresh the page, select another technical user or move out of the current screen.

Technical User Created

Create a new Technical User

To create a new Technical User, proceed as follows:

  1. In the left navigation, click "User Management", select "Technical User" and click "Create technical user".
  2. Enter a user name, e.g. "robin".

    Note

    The username uses the tenant's name as a prefix.

  3. Enter a description for the technical user.

  4. Click "Create technical user".
    • The login information appears.
  5. Click copy clipboard to copy the username and the password into the clipboard.

Note

The password will disappear if you refresh the page, switch to another technical user or move out of the current screen.

A new technical user is created successfully. It can now be used to access Insights Hub APIs.

Edit role assignment for Technical User

It is now possible to edit the role assignment of the technical user. To edit the role assignment for the technical user, proceed as follows:

  1. In the left navigation, click "User Management" and select "Technical User".
  2. Select the technical user you want to edit from the list.
  3. Click "Edit Roles" in the "Roles" tab.
  4. Select or deselect the roles you want to add or remove and click "Next".
  5. Click "Save".

Delete Technical User

Once you have reached the maximum number of technical users, you can delete the ones that are no longer required. To delete the technical user, proceed as follows:

  1. In the left navigation, click "User Management", select "Technical User".
  2. Select the technical user you want to delete and then click "Delete".
  3. Click "Delete" to confirm the deletion of the technical user.

A selected technical user is successfully deleted.

Obtain a token for Technical User

To directly work with the Insights Hub API’s, you need to obtain a token using the credentials of the technical user that you have recently created.

To get a token, you have to execute a POST request using the following URL: https://{tenantName}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials.

Provide the client id and client secret of your Technical User as basic authentication (RFC7617).

Sample request:

POST https://{tenantName}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials HTTP/1.1
Authorization: Basic {base64 encoded client_id:client_secret}

Sample request using python:

ServiceUrl = f"https://{{ tenant }}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials"
MessageBytes = str({{ clientId }}+":"+{{ secret }}).encode('ascii')
Base64Credentials = base64.b64encode(MessageBytes)
ResponseTechToken = requests.request('POST', ServiceUrl, headers={'Authorization': 'Basic ' + str(Base64Credentials.decode("utf-8")),'accept':'application/json'})

Sample response:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vZWFvcHLyLnBpYW0...nWfO88P29u1Ozw",
    "token_type": "bearer",
    "expires_in": 1799,
    "scope": "mdsp:core:assetmanagement.admin",
    "jti": "da6c28e603axxxxxa6b0c40a2072c9c5"
}


Last update: October 1, 2024