You can connect to the OData API with various clients. Postman is very handy when it comes to exploring the API's methods and data. By default, explicit login is forbidden. Your tenant admin needs to grant this type of access first.
PRECONDITIONS
- You completed onboarding with Luware Nimbus
- You have tenant admin rights in your tenant
- You have a reporting user (a user with Role "Tenant Admin, User Supervisor, Team Owner or Service Owner")
- You know which cluster you are using within Luware (Germany, Switzerland, UK, etc…)
🔍 Note: Read more about how to grant global tenant wide consent to an app documentation here https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent
Show Icon Legend
| 💡 = A hint to signal learnings, improvements or useful information in context. | 🔍 = Info points out essential notes or related page in context. |
| ☝ = Notifies you about fallacies and tricky parts that help avoid problems. | 🤔 = Asks and answers common questions and troubleshooting points. |
| ❌ = Warns you of actions with irreversible / data-destructive consequence. | ✅ = Intructs you to perform a certain (prerequired) action to complete a related step. |
Register Enterprise Application "Nimbus Odata Login" in your tenant
Open the following URL in a browser and login with your tenant admin to accept the permissions.
CODE
https://login.microsoftonline.com/{tenant-id}/v2.0/adminconsent?client_id=898a7352-9216-4ca8-a485-7d8f3903f598&scope=openid+profileReplace the tenant_id with your TenantId
Open https://portal.azure.com/ and verify that the Nimbus Odata Login enterprise application is available.
Verify the permissions are globally granted
Click on the Grant admin consent button. This should add another entry into the permissions “Nimbus Odata Login access_odata”
💡 Now users should be able to login with an Oauth token.
Open the postman collection
Download the postman collection here and open it in your postman client: Luware Postman Collection JSON File
Update the variables according to your environment:
| Variable | Purpose | Value |
|---|---|---|
| ODataAPI | The URL of the OData API | Nimbus API URLs:
|
| ODataScope | The scope of the access request | api://898a7352-9216-4ca8-a485-7d8f3903f598/access_odata |
| ClientId | Nimbus OData application ID | 898a7352-9216-4ca8-a485-7d8f3903f598 |
Verify access to the Nimbus OData application
Navigate down to the folder “Nimbus.OData.API” and open the Authorization tab. The authorization type should be OAuth 2.0.
Scroll down to “Configure New Token”.
Configure implicit access
| Request GET | https:// {{ODataAPI}} /v1/odata or https://api.luware.cloud/v1/odata |
|---|---|
| Token Name | Luware Odata Implicit OAuth2 Token |
| Grant Type | Implicit |
| Callback URL | https://oauth.pstmn.io/v1/callback |
| Auth URL | https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize |
| Client ID | {{ClientId}} or 898a7352-9216-4ca8-a485-7d8f3903f598 |
| Scope | {{ODataScope}} or api://898a7352-9216-4ca8-a485-7d8f3903f598/access_odata |
| Client Authentication | Send client credentials in body |
Send the response that opens an implicit login window. Login with your tenant admin. You should get an access token.
Configure explicit access
For explicit access using a username and password, create two additional variables for Username and Password and configure the values as below:
| Request GET | https:// {{ODataAPI}} /v1/odata or https://api.luware.cloud/v1/odata |
|---|---|
| Token Name | Luware Odata User-Pass OAuth2 Token |
| Grant Type | Password Credentials |
| Auth URL | https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize |
| Client ID | {{ClientId}} or 898a7352-9216-4ca8-a485-7d8f3903f598 |
| Username | {{Username}} |
| Password | {{Password}} |
| Scope | {{ODataScope}} or api://898a7352-9216-4ca8-a485-7d8f3903f598/access_odata |
| Client Authentication | Send client credentials in body |