Machine-to-Machine (M2M) Authentication
Content
Overview
ULM Cloud provides the capability for partner systems to integrate with ULM for a variety of tasks, including:
- Bulk ULM User and ULM Account provisioning into ULM.
- Updates/synchronization between ULM and external systems (e.g. B/OSS systems).
- Service entitlements and privacy management.
Stateless API
M2M APIs are completely stateless. There is no one specific M2M authentication endpoint.
API Access
Partner systems access protected APIs by including the {partner key}:{partner secret} in the X-Partner-AUTHZ header of each call. The key and secret are returned from ULM when you provision a partner with POST /partners API.
Certain M2M endpoints used as part of a MarketONE integration may alternatively be protected by a MarketONE Partner API key. These API keys are shared across MarketONE services (as an example, MarketONE Partner API keys obtained from PLM would also be functional with compatible ULM Cloud endpoints). MarketONE Partner API keys can be presented to ULM Cloud via the X-API-KEY header of each call. At present, the POST /runtime/event API is the only ULM Cloud API supporting authentication via the MarketONE Partner API key.
Note: M2M authentication methods are not interchangeable - ULM APIs that require authentication using a MarketONE Partner API key will not accept any token provided via the X-Partner-AUTHZ header and vice versa. You must supply a valid authentication key matching the support M2M authentication method.
API Examples
POST /activation/user
In the following example, a partner system invokes the POST /activation/user API to provision a new ULM user. This example demonstrates the use of ULM Cloud's core M2M authentication method via the X-Partner-AUTHZ header.
| Request URL | |
|---|---|
POST http://~your.url/rest/{version}/activation/user
|
|
Request Headers
| Header | Description |
|---|---|
| Content-Type | Specifies both the media type (of the content of the request body) that the client sends to the ULM Cloud, as well as the media type (of the content of the response body) that ULM returns to the client.
Value must be: Application/JSON |
| X-Partner-AUTHZ | The Partner Key and Partner Secret, respectively.
Base 64 encoding of: {Partner Key}:{Partner Secret} |
| Request Body |
|---|
{
"displayName": "demo",
"emailAddress": "demo@test.com",
"username": "demo@test.com",
"type":"com.uxpsystems.mint.user.RegularUser"
}
|
POST /runtime/event
In the following example, a partner system invokes the POST /runtime/event API to make a change to an existing runtime. This example demonstrates the use of a MarketONE Partner API key via the X-API-KEY header.
| Request URL | |
|---|---|
POST http://~your.url/rest/{version}/runtime/event
|
|
Request Headers
| Header | Description |
|---|---|
| Content-Type | Application/JSON |
| X-API-KEY | The MarketONE Partner API key. |
| Request Body |
|---|
{
"applicationName": "BSS",
"type": "deleted",
"runtime": {
"guid": "qwedwef4r56"
}
}
|