NTLM Grant - API Manager 2.6.0 - WSO2 Documentation

All docs This doc
||
Skip to end of metadata
Go to start of metadata

NTLM is the successor of the authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product, and attempts to provide backwards compatibility with LANMAN. You can obtain an access token to your API in an API Manager instance running on Windows by providing a valid NTLM token as an authorization grant. The steps are given below:

Invoking the Token API to generate tokens

  1. Get a valid consumer key and consumer secret pair. Initially, you generate these keys through the API Store by clicking the Generate Keys button on the Production Keys tab of the application.
  2. Combine the consumer key and consumer secret keys in the format consumer-key:consumer-secret and encode the combined string using base64 ( http://base64encode.org ).
    In order to generate an access token with NTLM, you must have an NTLM token. 

  3. Generate an NTLM token by running the sample provided in the <APIM_HOME>/samples/NTLMGrantClient directory. See the Readme.txt in the same folder for instructions.

  4. Invoke the token API in the following manner to get an access token.
    The value of the windows_token in the following command is the NTLM token that you generated in the previous step.

    curl -k -d "grant_type=iwa:ntlm&windows_token=<give the NTLM token you got in step 3>" -H 
    "Authorization: Basic <give the string you got in step2>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token

    Note that for users to be counted in the Registered Users for Application statistics which takes the number of users shared each of the Application, they should have to generate access tokens using Password Grant type.

  • No labels