Skip to content

Token Management Client for Java

Introduction

The Token Management Java client is used to retrieve tokens, which allow applications to access IoT data on customer tenants to whom the application has been provided.

Further implementation of the TokenManager SDK library has been shown in a sample project that you can download and test in local or on Insights Hub application. Please refer to this repository: industrial-iot-java-sdk-examples

Refer to Token Management Service for more information about the service.

Hint

Placeholders in the following samples are indicated by angular brackets < >.

Token Management Operations

Client Name: TokenManagerClient

Token Expiry

Tokens are valid for 30 minutes. Cache and reuse tokens until their expiry.

Get a Token using Environment Variables

This operation fetches the following parameters from environment variables:

Environment Variable Description
MDSP_OS_VM_APP_NAME The application name as stored by the version management of the Operator Services (OS_VM).
MDSP_OS_VM_APP_VERSION The application version as stored by the version management of the Operator Services (OS_VM).
MDSP_KEY_STORE_CLIENT_ID The client ID, which is part of the service credentials.
MDSP_KEY_STORE_CLIENT_SECRET The client secret, which is part of the service credentials.

The MDSP_HOST_TENANT and MDSP_USER_TENANT parameters are obtained from the user token passed via a MindsphereCredentials object.

Environment Variables

On developer tenants the environment variables must be set manually in the Cloud Foundry environment using the command cf env or in the manifest.yml. On operator tenants they are set automatically during application registration.

Credentials

Credentials differ between operator and developer tenants and should not be hard-coded in the final application. You are responsible for keeping the credentials safe.

// Construct the MindsphereCredentials object using the user token
MindsphereCredentials credentials = MindsphereCredentials.userTokenBuilder()
                                        .authorization(<user_token>)
                                        .build();

// Construct the TokenManagerClient object
TokenManagerClient token_manager_client = TokenManagerClient.builder()
                    .mindsphereCredentials(credentials)
                    .restClientConfig(<config>)
                    .build();

AccessTokenResponse access_token_response = null;

try {
  access_token_response = token_manager_client.getToken();
} catch (MindsphereException e) {
  // Exception handling
}

Get a Token using Service Credentials

Get a token providing the client ID and client secret in the request. The application name and version are automatically fetched from environment variables.

// Construct the MindsphereCredentials object and supply the user token as shown above

// Construct the TokenManagerClient object as shown above
AccessTokenResponse access_token_response = null;

try {
  access_token_response = token_manager_client.getToken(<client_id>,<client_secret>);
} catch (MindsphereException e) {
  // Exception handling
}

Get a Token without using Environment Variables

Get a token providing the application name and version, the client ID and the client secret in the request.

// Construct the MindsphereCredentials object and supply the user token as shown above

// Construct the TokenManagerClient object as shown above
AccessTokenResponse access_token_response = null;

try {
  access_token_response = token_manager_client.getToken(<application_name>,<application_version>,<client_id>,<client_secret>);
} catch (MindsphereException e) {
  // Exception handling
}

Last update: February 23, 2024

Except where otherwise noted, content on this site is licensed under the Development License Agreement.