Problem with REST data interface - Authentication

Hello,

I'm not sure if it's only me, but I have a few problems with understanding the explanation of "REST data interface - Authentication" in the PLCnext Info Center.
 
For example:
You are using a parameter "scope" when requesting an authentication token, but without any explanation what it should contain.
The same problem with the "grant_type" when requesting a user authentication, no explanation about this parameter.
There is also no example on how to use the AccessToken when reading/writing variables. You only mention some authorization header and a bearer token, but without any further explanation....

Hi Mathias,

I guess you'll find the missing information in the [Authentication section of the Info Center](https://www.plcnext.help/te/Service_Components/REST_data_interface/REST_data_interface_Authentication.htm).
In those topics, every call is explained with a short example.
If you like I can also give you a small Python example by mail (mail to [fwalde@phoenixcontact.com](mailto:fwalde@phoenixcontact.com)).
I haven't had the time to finish the example completely, but it should do the job.
Just let me know,
Frank

Hello Frank,

you've linked exactly the section I was talking about.
If you take a look at the "How to" part of the text you will see that there are parameters/variables used but never explained.
 
The example also looks like you are using the access token in the JSON data, but in the explanation of the procedure (E and F) it looks like you have to send the access token (bearer token??) in the HTTP header and not in the data....


REST API authentication procedure.PNG

Hi Mathias,

now I got your point, and yeah, I can also see some improvements there in the doc of the REST interface.
Until this is done I hope the following prints from my Py script will guide you through authentication and data service calls.


1. **Get Auth Token**
   - URL: <https://192.168.178.156/_pxc_api/v1.2/auth/auth-token>
   - Body: {"scope": "variables"}
   - Return: {"code":"**328ab551f0708a83**","expires_in":600}

2. **Get Auth Bearer**
   - URL: <https://192.168.178.156/_pxc_api/v1.2/auth/access-token>
   - Body: {"code": "**328ab551f0708a83**", "grant_type": "authorization_code", "username": "admin", "password": "12345678"}
   - Return: {"state":"328ab551f0708a83","token_type":"Bearer","access_token":"**10110820708f48f4**","roles":[]}

3. **Get Session ID**

   After the authentication is done, all further calls must include the bearer in the **header**.
   - URL: <https://192.168.178.156/_pxc_api/v1.2/sessions>
   - Header: {'User-Agent': 'python-requests/2.22.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', **'Authorization': 'Bearer 10110820708f48f4',** 'Content-Length': '28'}
   - Body: stationID=xyz&timeout=5000
   - Return: {"apiVersion":"1.4.0.0","projectCRC":3238028397,"userAuthenticationRequired":true,"sessionID":"**s63164317**","timeout":"5000"}

4. **Read Variables**
   - URL: <https://192.168.178.156/_pxc_api/v1.2/variables?SessionID=s84535925&paths=Arp.Plc.Eclr%2FMainInstance.Test_In_Variable%2CArp.Plc.Eclr%2FMainInstance.Test_In_Variable2>
   - Header: {'User-Agent': 'python-requests/2.22.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', **'Authorization': 'Bearer 6c64fa853a62f96c'**}
   - Return: {"apiVersion":"1.4.0.0","projectCRC":3238028397,"userAuthenticationRequired":true,"variables":[{**"path":"Arp.Plc.Eclr/MainInstance.Test_In_Variable","value":false**},{**"path":"Arp.Plc.Eclr/MainInstance.Test_In_Variable2","value":false**}]}

Hope that helps, if not please let me know,
BR
Frank
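The four calls from the printout above as one small client, added here as an illustration; it is not Frank's script or Phoenix Contact code. The function names, the injected `send` transport, the `Content-Type` header, the check that `state` echoes the code, and the replayed replies (constructed to match the shape of the printout) are assumptions of this example.

```python
import json
import urllib.parse
import urllib.request

API = "/_pxc_api/v1.2"  # path prefix taken from the URLs in the thread

def _post(base, path, body, headers=None):
    headers = dict(headers or {})
    if isinstance(body, dict):  # assumption: JSON bodies are labelled as JSON
        body = json.dumps(body).encode()
        headers["Content-Type"] = "application/json"
    return urllib.request.Request(base + API + path, data=body, headers=headers, method="POST")

def login(send, base, username, password):
    """Steps 1-2: trade a short-lived code plus credentials for a bearer token."""
    code = send(_post(base, "/auth/auth-token", {"scope": "variables"}))["code"]
    reply = send(_post(base, "/auth/access-token", {
        "code": code, "grant_type": "authorization_code",
        "username": username, "password": password}))
    if reply.get("token_type") != "Bearer" or reply.get("state") != code:  # assumed from the printout
        raise ValueError("unexpected access-token reply")
    return reply["access_token"]

def read_variables(send, base, token, paths, station_id="xyz", timeout=5000):
    """Steps 3-4: the token travels only in the Authorization header."""
    auth = {"Authorization": "Bearer " + token}
    form = urllib.parse.urlencode({"stationID": station_id, "timeout": timeout})
    session = send(_post(base, "/sessions", form.encode(), auth))["sessionID"]
    query = urllib.parse.urlencode({"SessionID": session, "paths": ",".join(paths)})
    req = urllib.request.Request(base + API + "/variables?" + query, headers=auth)
    return {v["path"]: v["value"] for v in send(req)["variables"]}

def https_send(ctx):
    """Real transport; ctx is an ssl.SSLContext that trusts the controller's certificate."""
    def send(req):
        with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
            return json.load(resp)
    return send

def replay_send(log):
    """Offline transport with constructed replies; records every request in log."""
    replies = {"auth-token": {"code": "c0de", "expires_in": 600},
               "access-token": {"state": "c0de", "token_type": "Bearer", "access_token": "t0ken"},
               "sessions": {"sessionID": "s1", "timeout": "5000"},
               "variables": {"variables": [{"path": "Arp.Plc.Eclr/MainInstance.Flag", "value": False}]}}
    def send(req):
        log.append(req)
        return replies[urllib.parse.urlsplit(req.full_url).path.rsplit("/", 1)[-1]]
    return send
```

Against a real controller, build the transport with `https_send(ssl.create_default_context(cafile="controller-ca.pem"))` (file name hypothetical) so certificate verification stays on, and read the password from a prompt or secret store instead of writing it into the script.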

Hello Frank,

thank you very much for your explanation.
I think you should add the part where you are using the authorization header field to the documentation, because that's the information I was completely missing.
(Couldn't find this in the "Authentication" part of the documentation as well as in the "Sessions" part)
 
Best regards
Mathias

Hey Mathias,

thanks for the hint, and honestly, after reading it yesterday, that part was also not clear to me.
So, I've already informed the doc, we will update this chapter in the next days.
Let me know if you have additional questions,
Frank