API configuration

Configure API access

The Token Server offers several APIs to integrate Token Server processes with existing systems. All API's that are available via the endpoint /oauth/api are protected with basic authentication. On top of basic authentication we advise to create an ip white list for the /oauth/api endpoint, so only selected machines in the corporate network have access to these API's.

The credentials for basic authentication can be configured via Docker Compose environment variables. For the username use TOKEN_SERVER_ENGINE_API_BASIC_AUTHENTICATION_USER and for the password TOKEN_SERVER_ENGINE_API_BASIC_AUTHENTICATION_PASSWORD.

Note: For mobile authentication API the required credentials for basic authentication are the client id and client secret of an API client configured in the Admin console of the Token Server. For more information check Mobile authentication API access.