Please wait

Loading...

Acquia Help

Filter by product:

Acquia CDP common questions

This page provides information about the API authentication process for the following scenario:

Data engineers want to understand the complexities of the CDP REST API to create efficient integrations within the business architecture through self-service integration tools. They also want to develop and execute data integration tasks to enhance autonomy and reduce dependency on specialized technical knowledge.

The following are the ways to achieve this scenario:

Self-service UI
Postman

Creating a user role through the self-service UI¶

Before you start creating a user role, you must get access to the Instances user interface by contacting your CDP administrator.

To create a user role:

Sign in to the CDP user interface.
Click Integrations > Instances.
Click Add Instance.
The system displays the Create Instance page.
In Name, enter the name for your instance.
In Instance Type, select one of the following:
- DW Tracker to push upstream payloads from a source system to CDP.
- 360 Profiles to pull downstream payloads from CDP to a source system.
Click Save.
The system creates the instance and auto-populates values in the following fields:
- API Host URL
- Authentication Host URL
- UserName
- Password
Take a backup of these credentials at a secure location as you cannot view them in the system again.
These credentials are used when creating a user role through Postman.

Creating a user role through Postman¶

Complete the following tasks to create a user role through Postman for the given scenario:

S.No.	Task
1	Set up Postman
2	Set up the Authentication request
3	Set up the Token Retrieve request
4	Set up the Token Extend request
5	Set up the Token Create request
6	Set up the Token Delete request
7	Set up the All Token Delete request

Setting up Postman¶

Download and open Postman.
Click Create Collection.
Click the Ellipsis icon, click Rename, and then rename the folder collection to CDP Authentication.
Postman displays the CDP Authentication collection.

Setting up the Authentication request¶

In the CDP Authentication collection, click Add a request.
Click the Ellipsis icon, click Rename, and then rename the request to Step 1 - Authenticate with Username and Password (One Time).
Change the request to POST.

In Enter URL or paste text, enter the credentials that you generated while creating a user role through self-service UI.

Ensure the URL matches your cloud region and tenant type as saved earlier.

For example, https://auth.agilone.com/authentication?action=login.

The following are the URL parameters:

Cloud Region	URL Endpoint	Parameter Description
AWS	`auth.agilone.com`	`/authentication` indicates the path that directs the request to the authentication service on the server. `?` indicates the beginning of the query string, which contains the parameters. `action=login` indicates the parameter that specifies the action. It informs the server that the intention of the request is to initiate a login process.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Basic Auth.
Enter the username and password.

Postman recommends that you save all sensitive information into variables. For more information, visit Store and reuse values using variables.
If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks.
Click the Headers tab.
Add Key as Content-Type and Value as application/json.
Click Save and click Send.

For successful requests, Postman displays Status: 200 OK and access_token.

You can initiate the user authentication step only after creating a token. You can use the token until it expires. You must not resend the request for continued testing with the generated token.

Setting up the Token Retrieve request¶

When you use the REST API Authentication mechanism, you perform the request daily to retrieve the token until it expires.

To retrieve a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 1 - Authenticate with Username and Password (One Time) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Step 2 - Request Access Token (Daily).
Change the request to GET.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.

The following are the URL parameters:

Cloud Region	URL Endpoint	Parameter Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and ensure that the Type is Basic Auth.
Perform Steps 6 to 8 from Setting up the Authentication request.
Click Save and click Send.
For successful requests, Postman displays Status: 200 OK and access_token.
Ensure to check the expiration date of the token on a regular cadence through GET request calls. The expires_in field in the response body indicates the lifespan of the token. By default, tokens last 90 days in Customer Sandbox (CS) and 180 days in UAT and Production (PROD) environments.

The response body consists of the following parameters:

Parameter	Description
`access_token`	A unique string that serves as a token for accessing protected resources. In this case, `"f265e508-c599-44e3-ab60-60a040a9154a"` is the token that the API returns. You must include this token in the header of subsequent requests to access authorized resources.
`token_type`	The type of token that is issued by the server. In this example, the token type is `"bearer"`, which means that the bearer of this token has the authorization to access the resources. Bearer tokens are a common method used in OAuth 2.0 for accessing resources.
`expires_in`	The lifetime of the access token in seconds. Once this time elapses, the token expires and no longer grants access. In this case, `15600000` seconds means the token has a significant duration before expiration.
`tenantId`	The identifier for the tenant or account that you want to access.
`username`	The username of the user. In this case, the username is `"tracker_XXXXXX"`.
`userType`	The role or type of the user within the system. `"CLIENT"` indicates that the user has client-level access.
`passwordExpiryDate`	The expiry date of the user's password, necessitating a password change. Postman displays it in ISO 8601 format. For example, `"2025-01-06T00:00:00"` indicates that the expiry date is January 6, 2025.

Setting up the Token Extend request¶

If a token is about to expire, you can extend it for the next 180 days. Acquia recommends you to recycle the token by generating a new token. For more information, see Setting up the Token Create request. You may use the token for up to 1 year or longer as per your company's policies.

To extend the token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 2 - Request Access Token (Daily) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Extend - Current Token.
Change the request to POST.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=extend.

The following are the URL parameters:

Cloud	URL Endpoint	Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it. `&` indicates that you can add multiple key-value pairs to the query string. `action=extend` indicates an action request to the server to extend the validity of the current token. This means the request is asking the server to prolong the lifespan of an existing token under the specified scheme `a1user`.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Bearer Token.
Add the token that you want to extend.
Perform Steps 7 and 8 from Setting up the Authentication request.
For successful requests, Postman displays Status: 200 OK and access_token.
Before Extend request:

After Extend request:

Setting up the Token Create request¶

Use this procedure only if the existing token is about to expire.

To create a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 3 - Request Access Token (Daily) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Create - Token.
Change the request to POST.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=create.

The following are the URL parameters:

Cloud	URL Endpoint	Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it. `&` indicates that you can add multiple key-value pairs to the query string. `action=create` indicates an action request to the server to create a token.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Basic Auth.
Add the token that you want to extend.
Perform Steps 7 and 8 from Setting up the Authentication request.
For successful requests, Postman displays Status: 200 OK and access_token.

Setting up the Token Delete request¶

To delete a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Extend - Current Token authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Revoke - A Token.
Change the request to DELETE.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
For more information, see the URL Parameter table in Setting up the Token Retrieve request.
Click the Authorization tab and ensure that the Type is Bearer Token.
Enter the token that you want to delete.
Perform Steps 7 and 8 from Setting up the Authentication request.
Postman deletes the token.

Setting up the All Token Delete request¶

To delete all tokens:

Click the Ellipsis icon and click Duplicate to make a copy of the Revoke - A Token authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Revoke All Access Tokens.
Change the request to DELETE.¶
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.¶
For more information, see the URL Parameter table in Setting up the Token Retrieve request.
Click the Authorization tab and select the Type as Basic Auth.¶
Enter the username and password.¶
Perform Steps 6 to 8 from Setting up the Authentication request.
Postman deletes all the tokens.

Summary¶

You can use the REST API authentication mechanism to construct upstream and downstream data payload samples for each user role:

Integration Users: Create near real-time, event-based, or batch delta integrations.
Webtag Service Users: Create near real-time front-end for your website using the tracking pixel integration.
360 Profile Users: Retrieve the post processed records that are cleansed, aggregated, and deduped to form unified customer records.

CDP provides the following resources:

A prebuilt library for advanced developers
Import the Postman guide library, which requires the following files:
- The Product API Guide: Contains all clouds, environments, user roles, requests, and both upstream and downstream scenarios.
- Environments Globals: Contains all prebuilt dynamic variables, enabling you to test across various clouds, environments, and user roles without the need to duplicate folders or requests.

Did not find what you were looking for?

If this content did not answer your questions, try searching or contacting our support team for further assistance.

Acquia Support

This page provides information about the API authentication process for the following scenario:

The following are the ways to achieve this scenario:

Self-service UI
Postman

Creating a user role through the self-service UI¶

Before you start creating a user role, you must get access to the Instances user interface by contacting your CDP administrator.

To create a user role:

Sign in to the CDP user interface.
Click Integrations > Instances.
Click Add Instance.
The system displays the Create Instance page.
In Name, enter the name for your instance.
In Instance Type, select one of the following:
- DW Tracker to push upstream payloads from a source system to CDP.
- 360 Profiles to pull downstream payloads from CDP to a source system.
Click Save.
The system creates the instance and auto-populates values in the following fields:
- API Host URL
- Authentication Host URL
- UserName
- Password
Take a backup of these credentials at a secure location as you cannot view them in the system again.
These credentials are used when creating a user role through Postman.

Creating a user role through Postman¶

Complete the following tasks to create a user role through Postman for the given scenario:

S.No.	Task
1	Set up Postman
2	Set up the Authentication request
3	Set up the Token Retrieve request
4	Set up the Token Extend request
5	Set up the Token Create request
6	Set up the Token Delete request
7	Set up the All Token Delete request

Setting up Postman¶

Download and open Postman.
Click Create Collection.
Click the Ellipsis icon, click Rename, and then rename the folder collection to CDP Authentication.
Postman displays the CDP Authentication collection.

Setting up the Authentication request¶

In the CDP Authentication collection, click Add a request.
Click the Ellipsis icon, click Rename, and then rename the request to Step 1 - Authenticate with Username and Password (One Time).
Change the request to POST.

In Enter URL or paste text, enter the credentials that you generated while creating a user role through self-service UI.

Ensure the URL matches your cloud region and tenant type as saved earlier.

For example, https://auth.agilone.com/authentication?action=login.

The following are the URL parameters:

Cloud Region	URL Endpoint	Parameter Description
AWS	`auth.agilone.com`	`/authentication` indicates the path that directs the request to the authentication service on the server. `?` indicates the beginning of the query string, which contains the parameters. `action=login` indicates the parameter that specifies the action. It informs the server that the intention of the request is to initiate a login process.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Basic Auth.
Enter the username and password.

Postman recommends that you save all sensitive information into variables. For more information, visit Store and reuse values using variables.
If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks.
Click the Headers tab.
Add Key as Content-Type and Value as application/json.
Click Save and click Send.

For successful requests, Postman displays Status: 200 OK and access_token.

You can initiate the user authentication step only after creating a token. You can use the token until it expires. You must not resend the request for continued testing with the generated token.

Setting up the Token Retrieve request¶

When you use the REST API Authentication mechanism, you perform the request daily to retrieve the token until it expires.

To retrieve a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 1 - Authenticate with Username and Password (One Time) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Step 2 - Request Access Token (Daily).
Change the request to GET.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.

The following are the URL parameters:

Cloud Region	URL Endpoint	Parameter Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and ensure that the Type is Basic Auth.
Perform Steps 6 to 8 from Setting up the Authentication request.
Click Save and click Send.
For successful requests, Postman displays Status: 200 OK and access_token.
Ensure to check the expiration date of the token on a regular cadence through GET request calls. The expires_in field in the response body indicates the lifespan of the token. By default, tokens last 90 days in Customer Sandbox (CS) and 180 days in UAT and Production (PROD) environments.

The response body consists of the following parameters:

Parameter	Description
`access_token`	A unique string that serves as a token for accessing protected resources. In this case, `"f265e508-c599-44e3-ab60-60a040a9154a"` is the token that the API returns. You must include this token in the header of subsequent requests to access authorized resources.
`token_type`	The type of token that is issued by the server. In this example, the token type is `"bearer"`, which means that the bearer of this token has the authorization to access the resources. Bearer tokens are a common method used in OAuth 2.0 for accessing resources.
`expires_in`	The lifetime of the access token in seconds. Once this time elapses, the token expires and no longer grants access. In this case, `15600000` seconds means the token has a significant duration before expiration.
`tenantId`	The identifier for the tenant or account that you want to access.
`username`	The username of the user. In this case, the username is `"tracker_XXXXXX"`.
`userType`	The role or type of the user within the system. `"CLIENT"` indicates that the user has client-level access.
`passwordExpiryDate`	The expiry date of the user's password, necessitating a password change. Postman displays it in ISO 8601 format. For example, `"2025-01-06T00:00:00"` indicates that the expiry date is January 6, 2025.

Setting up the Token Extend request¶

To extend the token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 2 - Request Access Token (Daily) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Extend - Current Token.
Change the request to POST.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=extend.

The following are the URL parameters:

Cloud	URL Endpoint	Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it. `&` indicates that you can add multiple key-value pairs to the query string. `action=extend` indicates an action request to the server to extend the validity of the current token. This means the request is asking the server to prolong the lifespan of an existing token under the specified scheme `a1user`.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Bearer Token.
Add the token that you want to extend.
Perform Steps 7 and 8 from Setting up the Authentication request.
For successful requests, Postman displays Status: 200 OK and access_token.
Before Extend request:

After Extend request:

Setting up the Token Create request¶

Use this procedure only if the existing token is about to expire.

To create a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Step 3 - Request Access Token (Daily) authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Create - Token.
Change the request to POST.

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=create.

The following are the URL parameters:

Cloud	URL Endpoint	Description
AWS	`auth.agilone.com`	`/token` indicates the path that directs the request to a service or resource on the server that deals with token generation or management. `?` indicates the beginning of the query string, which contains the parameters. `scheme=a1user` indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the `a1user` scheme, possibly affecting how the token is generated or what permissions are associated with it. `&` indicates that you can add multiple key-value pairs to the query string. `action=create` indicates an action request to the server to create a token.

Postman auto-populates the value on the Params tab.

Click the Authorization tab and select the Type as Basic Auth.
Add the token that you want to extend.
Perform Steps 7 and 8 from Setting up the Authentication request.
For successful requests, Postman displays Status: 200 OK and access_token.

Setting up the Token Delete request¶

To delete a token:

Click the Ellipsis icon and click Duplicate to make a copy of the Extend - Current Token authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Revoke - A Token.
Change the request to DELETE.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
For more information, see the URL Parameter table in Setting up the Token Retrieve request.
Click the Authorization tab and ensure that the Type is Bearer Token.
Enter the token that you want to delete.
Perform Steps 7 and 8 from Setting up the Authentication request.
Postman deletes the token.

Setting up the All Token Delete request¶

To delete all tokens:

Click the Ellipsis icon and click Duplicate to make a copy of the Revoke - A Token authentication request.
Click the Ellipsis icon, click Rename, and rename the copy of the authentication request to Revoke All Access Tokens.
Change the request to DELETE.¶
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.¶
For more information, see the URL Parameter table in Setting up the Token Retrieve request.
Click the Authorization tab and select the Type as Basic Auth.¶
Enter the username and password.¶
Perform Steps 6 to 8 from Setting up the Authentication request.
Postman deletes all the tokens.

Summary¶

You can use the REST API authentication mechanism to construct upstream and downstream data payload samples for each user role:

Integration Users: Create near real-time, event-based, or batch delta integrations.
Webtag Service Users: Create near real-time front-end for your website using the tracking pixel integration.
360 Profile Users: Retrieve the post processed records that are cleansed, aggregated, and deduped to form unified customer records.

CDP provides the following resources:

A prebuilt library for advanced developers
Import the Postman guide library, which requires the following files:
- The Product API Guide: Contains all clouds, environments, user roles, requests, and both upstream and downstream scenarios.
- Environments Globals: Contains all prebuilt dynamic variables, enabling you to test across various clouds, environments, and user roles without the need to duplicate folders or requests.

Did not find what you were looking for?

If this content did not answer your questions, try searching or contacting our support team for further assistance.

Acquia Support

Loading...

Acquia Help

Filter by product:

Acquia CDP common questions

Creating a user role through the self-service UI¶

Creating a user role through Postman¶

Setting up Postman¶

Setting up the Authentication request¶

Setting up the Token Retrieve request¶

Setting up the Token Extend request¶

Setting up the Token Create request¶

Setting up the Token Delete request¶

Setting up the All Token Delete request¶

Change the request to `DELETE`.¶

Enter the Authentication mechanism endpoint URL as `https://auth.agilone.com/token?scheme=a1user`.¶

Click the Authorization tab and select the Type as Basic Auth.¶

Enter the username and password.¶

Summary¶

Did not find what you were looking for?

Creating a user role through the self-service UI¶

Creating a user role through Postman¶

Setting up Postman¶

Setting up the Authentication request¶

Setting up the Token Retrieve request¶

Setting up the Token Extend request¶

Setting up the Token Create request¶

Setting up the Token Delete request¶

Setting up the All Token Delete request¶

Change the request to `DELETE`.¶

Enter the Authentication mechanism endpoint URL as `https://auth.agilone.com/token?scheme=a1user`.¶

Click the Authorization tab and select the Type as Basic Auth.¶

Enter the username and password.¶

Summary¶

Did not find what you were looking for?

Acquia Help

Filter by product:

Acquia CDP common questions

API Authentication Process

Loading...

Acquia Help

Filter by product:

Acquia CDP common questions

Creating a user role through the self-service UI¶

Creating a user role through Postman¶

Setting up Postman¶

Setting up the Authentication request¶

Setting up the Token Retrieve request¶

Setting up the Token Extend request¶

Setting up the Token Create request¶

Setting up the Token Delete request¶

Setting up the All Token Delete request¶

Change the request to DELETE.¶

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.¶

Click the Authorization tab and select the Type as Basic Auth.¶

Enter the username and password.¶

Summary¶

Did not find what you were looking for?

Creating a user role through the self-service UI¶

Creating a user role through Postman¶

Setting up Postman¶

Setting up the Authentication request¶

Setting up the Token Retrieve request¶

Setting up the Token Extend request¶

Setting up the Token Create request¶

Setting up the Token Delete request¶

Setting up the All Token Delete request¶

Change the request to DELETE.¶

Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.¶

Click the Authorization tab and select the Type as Basic Auth.¶

Enter the username and password.¶

Summary¶

Did not find what you were looking for?

Acquia Help

Filter by product:

Acquia CDP common questions

API Authentication Process

Change the request to `DELETE`.¶

Enter the Authentication mechanism endpoint URL as `https://auth.agilone.com/token?scheme=a1user`.¶

Change the request to `DELETE`.¶

Enter the Authentication mechanism endpoint URL as `https://auth.agilone.com/token?scheme=a1user`.¶