This page provides information about the API authentication process for the following scenario:
Data engineers want to understand the complexities of the CDP REST API to create efficient integrations within the business architecture through self-service integration tools. They also want to develop and execute data integration tasks to enhance autonomy and reduce dependency on specialized technical knowledge.
The following are the ways to achieve this scenario:
Ensure the URL matches your cloud region and tenant type as saved earlier.
For example, https://auth.agilone.com/authentication?action=login.The following are the URL parameters:
Cloud Region
URL Endpoint
Parameter Description
AWS
auth.agilone.com
/authentication indicates the path that directs the request to the authentication service on the server.
? indicates the beginning of the query string, which contains the parameters.
action=login indicates the parameter that specifies the action. It informs the server that the intention of the request is to initiate a login process.
Setting up the Token Retrieve request
When you use the REST API Authentication mechanism, you perform the request daily to retrieve the token until it expires.
To retrieve a token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 1 - Authenticate with Username and Password (One Time) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Step 2 - Request Access Token (Daily).
Change the request to GET.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
The following are the URL parameters:
Cloud Region
URL Endpoint
Parameter Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
Postman auto-populates the value on the tab.
The response body consists of the following parameters:
Parameter
Description
access_token
A unique string that serves as a token for accessing protected resources. In this case, "f265e508-c599-44e3-ab60-60a040a9154a" is the token that the API returns. You must include this token in the header of subsequent requests to access authorized resources.
token_type
The type of token that is issued by the server. In this example, the token type is "bearer", which means that the bearer of this token has the authorization to access the resources. Bearer tokens are a common method used in OAuth 2.0 for accessing resources.
expires_in
The lifetime of the access token in seconds. Once this time elapses, the token expires and no longer grants access. In this case, 15600000 seconds means the token has a significant duration before expiration.
tenantId
The identifier for the tenant or account that you want to access.
username
The username of the user. In this case, the username is "tracker_XXXXXX".
userType
The role or type of the user within the system. "CLIENT" indicates that the user has client-level access.
passwordExpiryDate
The expiry date of the user's password, necessitating a password change. Postman displays it in ISO 8601 format. For example, "2025-01-06T00:00:00" indicates that the expiry date is January 6, 2025.
Setting up the Token Extend request
If a token is about to expire, you can extend it for the next 180 days. Acquia recommends you to recycle the token by generating a new token. For more information, see Setting up the Token Create request. You may use the token for up to 1 year or longer as per your company's policies.
To extend the token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 2 - Request Access Token (Daily) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Extend - Current Token.
Change the request to POST.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=extend.
The following are the URL parameters:
Cloud
URL Endpoint
Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
& indicates that you can add multiple key-value pairs to the query string.
action=extend indicates an action request to the server to extend the validity of the current token. This means the request is asking the server to prolong the lifespan of an existing token under the specified scheme .
Setting up the Token Create request
Use this procedure only if the existing token is about to expire.
To create a token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 3 - Request Access Token (Daily) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Create - Token.
Change the request to POST.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=create.
The following are the URL parameters:
Cloud
URL Endpoint
Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
& indicates that you can add multiple key-value pairs to the query string.
action=create indicates an action request to the server to create a token.
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Basic Auth.
Add the token that you want to extend.
Setting up the Token Delete request
To delete a token:
Click the ellipsis icon and click Duplicate to make a copy of the Extend - Current Token authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication requestto Revoke - A Token.
Change the request to DELETE.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
You can use the REST API authentication mechanism to construct upstream and downstream data payload samples for each user role:
Integration Users: Create near real-time, event-based, or batch delta integrations.
WebTag Service Users: Create near real-time front-end for your website using the tracking pixel integration.
360 Profile Users: Retrieve the post processed records that are cleansed, aggregated, and deduped to form unified customer records.
CDP provides the following resources:
A prebuilt library for advanced developers
Import the Postman guide library, which requires the following files:
The Product API Guide: Contains all clouds, environments, user roles, requests, and both upstream and downstream scenarios.
Environments Globals: Contains all prebuilt dynamic variables, enabling you to test across various clouds, environments, and user roles without the need to duplicate folders or requests.
API Authentication Process
This page provides information about the API authentication process for the following scenario:
Data engineers want to understand the complexities of the CDP REST API to create efficient integrations within the business architecture through self-service integration tools. They also want to develop and execute data integration tasks to enhance autonomy and reduce dependency on specialized technical knowledge.
The following are the ways to achieve this scenario:
Ensure the URL matches your cloud region and tenant type as saved earlier.
For example, https://auth.agilone.com/authentication?action=login.The following are the URL parameters:
Cloud Region
URL Endpoint
Parameter Description
AWS
auth.agilone.com
/authentication indicates the path that directs the request to the authentication service on the server.
? indicates the beginning of the query string, which contains the parameters.
action=login indicates the parameter that specifies the action. It informs the server that the intention of the request is to initiate a login process.
Setting up the Token Retrieve request
When you use the REST API Authentication mechanism, you perform the request daily to retrieve the token until it expires.
To retrieve a token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 1 - Authenticate with Username and Password (One Time) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Step 2 - Request Access Token (Daily).
Change the request to GET.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
The following are the URL parameters:
Cloud Region
URL Endpoint
Parameter Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
Postman auto-populates the value on the tab.
The response body consists of the following parameters:
Parameter
Description
access_token
A unique string that serves as a token for accessing protected resources. In this case, "f265e508-c599-44e3-ab60-60a040a9154a" is the token that the API returns. You must include this token in the header of subsequent requests to access authorized resources.
token_type
The type of token that is issued by the server. In this example, the token type is "bearer", which means that the bearer of this token has the authorization to access the resources. Bearer tokens are a common method used in OAuth 2.0 for accessing resources.
expires_in
The lifetime of the access token in seconds. Once this time elapses, the token expires and no longer grants access. In this case, 15600000 seconds means the token has a significant duration before expiration.
tenantId
The identifier for the tenant or account that you want to access.
username
The username of the user. In this case, the username is "tracker_XXXXXX".
userType
The role or type of the user within the system. "CLIENT" indicates that the user has client-level access.
passwordExpiryDate
The expiry date of the user's password, necessitating a password change. Postman displays it in ISO 8601 format. For example, "2025-01-06T00:00:00" indicates that the expiry date is January 6, 2025.
Setting up the Token Extend request
If a token is about to expire, you can extend it for the next 180 days. Acquia recommends you to recycle the token by generating a new token. For more information, see Setting up the Token Create request. You may use the token for up to 1 year or longer as per your company's policies.
To extend the token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 2 - Request Access Token (Daily) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Extend - Current Token.
Change the request to POST.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=extend.
The following are the URL parameters:
Cloud
URL Endpoint
Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
& indicates that you can add multiple key-value pairs to the query string.
action=extend indicates an action request to the server to extend the validity of the current token. This means the request is asking the server to prolong the lifespan of an existing token under the specified scheme .
Setting up the Token Create request
Use this procedure only if the existing token is about to expire.
To create a token:
Click the ellipsis icon and click Duplicate to make a copy of the Step 3 - Request Access Token (Daily) authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication request to Create - Token.
Change the request to POST.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user&action=create.
The following are the URL parameters:
Cloud
URL Endpoint
Description
AWS
auth.agilone.com
/token indicates the path that directs the request to a service or resource on the server that deals with token generation or management.
? indicates the beginning of the query string, which contains the parameters.
scheme=a1user indicates a parameter that specifies the authentication or authorization scheme. It tells the server that the request is created under the a1user scheme, possibly affecting how the token is generated or what permissions are associated with it.
& indicates that you can add multiple key-value pairs to the query string.
action=create indicates an action request to the server to create a token.
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Basic Auth.
Add the token that you want to extend.
Setting up the Token Delete request
To delete a token:
Click the ellipsis icon and click Duplicate to make a copy of the Extend - Current Token authentication request.
Click the ellipsis icon, click Rename, and rename the copy of the authentication requestto Revoke - A Token.
Change the request to DELETE.
Enter the Authentication mechanism endpoint URL as https://auth.agilone.com/token?scheme=a1user.
You can use the REST API authentication mechanism to construct upstream and downstream data payload samples for each user role:
Integration Users: Create near real-time, event-based, or batch delta integrations.
WebTag Service Users: Create near real-time front-end for your website using the tracking pixel integration.
360 Profile Users: Retrieve the post processed records that are cleansed, aggregated, and deduped to form unified customer records.
CDP provides the following resources:
A prebuilt library for advanced developers
Import the Postman guide library, which requires the following files:
The Product API Guide: Contains all clouds, environments, user roles, requests, and both upstream and downstream scenarios.
Environments Globals: Contains all prebuilt dynamic variables, enabling you to test across various clouds, environments, and user roles without the need to duplicate folders or requests.
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Basic Auth.
Enter the username and password.
Postman recommends that you save all sensitive information into variables. For more information, visit Store and reuse values using variables.
If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks.
Click the Headers tab.
Add Key as Content-Type and Value as application/json.
Click Save and click Send.
For successful requests, Postman displays Status: 200 OK and access_token.
You can initiate the user authentication step only after creating a token. You can use the token until it expires. You must not resend the request for continued testing with the generated token.
Params
Click the Authorization tab and ensure that the Type is Basic Auth.
For successful requests, Postman displays Status: 200 OK and access_token.
Ensure to check the expiration date of the token on a regular cadence through GET request calls. The expires_in field in the response body indicates the lifespan of the token. By default, tokens last 90 days in Customer Sandbox (CS) and 180 days in UAT and Production (PROD) environments.
a1user
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Bearer Token.
For successful requests, Postman displays Status: 200 OK and access_token.
Did not find what you were looking for?
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Basic Auth.
Enter the username and password.
Postman recommends that you save all sensitive information into variables. For more information, visit Store and reuse values using variables.
If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks.
Click the Headers tab.
Add Key as Content-Type and Value as application/json.
Click Save and click Send.
For successful requests, Postman displays Status: 200 OK and access_token.
You can initiate the user authentication step only after creating a token. You can use the token until it expires. You must not resend the request for continued testing with the generated token.
Params
Click the Authorization tab and ensure that the Type is Basic Auth.
For successful requests, Postman displays Status: 200 OK and access_token.
Ensure to check the expiration date of the token on a regular cadence through GET request calls. The expires_in field in the response body indicates the lifespan of the token. By default, tokens last 90 days in Customer Sandbox (CS) and 180 days in UAT and Production (PROD) environments.
a1user
Postman auto-populates the value on the Params tab.
Click the Authorization tab and select the Type as Bearer Token.
Acquia CDP