Technical Users¶
"Settings" allows you to create and manage technical users for your Insights Hub environment. They can be used for accessing Insights Hub APIs, similar to App Credentials. You can create a maximum of 10 technical users within the "Settings" application.
Prerequisite¶
Only users with the TenantAdmin
role can create and manage technical users.
User interface¶
The following screenshot shows the "Technical Users" screen. The "Technical Users" tab can be accessed from the left navigation.
① Creates a new technical user
② Shows the assigned roles of the technical user
③ Edits the description of the technical user
④ Deletes the technical user
⑤ Edits the assigned roles of the technical user
Once you have created a technical user, the following screen with the technical user details is shown. The password will disappear if you refresh the page, select another technical user or move out of the current screen.
Create a new Technical User¶
To create a new Technical User, proceed as follows:
- In the left navigation, click "User Management", select "Technical User" and click "Create technical user".
-
Enter a user name, e.g. "robin".
Note
The username uses the tenant's name as a prefix.
-
Enter a description for the technical user.
- Click "Create technical user".
- The login information appears.
- The login information appears.
- Click to copy the username and the password into the clipboard.
Note
The password will disappear if you refresh the page, switch to another technical user or move out of the current screen.
A new technical user is created successfully. It can now be used to access Insights Hub APIs.
Edit role assignment for Technical User¶
It is now possible to edit the role assignment of the technical user. To edit the role assignment for the technical user, proceed as follows:
- In the left navigation, click "User Management" and select "Technical User".
- Select the technical user you want to edit from the list.
- Click "Edit Roles" in the "Roles" tab.
- Select or deselect the roles you want to add or remove and click "Next".
- Click "Save".
Delete Technical User¶
Once you have reached the maximum number of technical users, you can delete the ones that are no longer required. To delete the technical user, proceed as follows:
- In the left navigation, click "User Management", select "Technical User".
- Select the technical user you want to delete and then click "Delete".
- Click "Delete" to confirm the deletion of the technical user.
A selected technical user is successfully deleted.
Obtain a token for Technical User¶
To directly work with the Insights Hub API’s, you need to obtain a token using the credentials of the technical user that you have recently created.
To get a token, you have to execute a POST request using the following URL: https://{tenantName}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials.
Provide the client id and client secret of your Technical User as basic authentication (RFC7617).
Sample request:
POST https://{tenantName}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials HTTP/1.1
Authorization: Basic {base64 encoded client_id:client_secret}
Sample request using python:
ServiceUrl = f"https://{{ tenant }}.piam.eu1.mindsphere.io/oauth/token?grant_type=client_credentials"
MessageBytes = str({{ clientId }}+":"+{{ secret }}).encode('ascii')
Base64Credentials = base64.b64encode(MessageBytes)
ResponseTechToken = requests.request('POST', ServiceUrl, headers={'Authorization': 'Basic ' + str(Base64Credentials.decode("utf-8")),'accept':'application/json'})
Sample response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vZWFvcHLyLnBpYW0...nWfO88P29u1Ozw",
"token_type": "bearer",
"expires_in": 1799,
"scope": "mdsp:core:assetmanagement.admin",
"jti": "da6c28e603axxxxxa6b0c40a2072c9c5"
}