Skip Navigation LinksALVAO 11.1Extension modulesALVAO Asset Management Enterprise APIAuthentication Skip Navigation Links.


Authentication

You can use Azure Active Directory (AAD) authentication or basic authentication to access the REST API.

Permissions for REST API operations are governed by the permissions of the accessing user in Alvao.

Azure Active Directory

First, in Alvao, set up the Azure Active Directory user authentication.

Applications with a logged-in user (on behalf of)

In order to access the REST API from an interactive application to which users are logged in (e.g., a web or mobile app), the accounts of those users must be imported into Alvao. To authenticate access, do the following:

  1. Authenticate the user with the appropriate token to the AAD application you have assigned to Alvao.
  2. Pass the obtained token to the REST API in the HTTP header Authorization: bearer <token>.

Non-interactive applications

For access from applications or scripts that do not work with the logged-in user (e.g. integration script), do the following:

  1. In the AAD application associated with ALVAO add a idtyp declaration (claim) to the token.
  2. In AAD, register a new application for the application that will communicate with the REST API.
  3. Create a new user in Alvao WebApp - Administration - Users. Turn on the Application Account option, select the AAD Application type, and add the application details registered in the previous step. Then assign the necessary permissions in ALVAO to the account.
  4. Get a token for the application from step 2 using the Client credentials flow (set as scope: <Client ID ALVAO application>/.default) and pass it to the REST API in the HTTP header Authorization: bearer <token>.

Basic authentication

Basic authentication is only for access from non-interactive applications.

  1. Create a new user in Alvao WebApp - Administration - Users. Turn on the Application Account option and select the Other Applications type. Then set the account password and assign the required permissions in ALVAO.
  2. Pass the REST API username and password via the standard basic authentication header.
Tip:
We recommend using the more secure method of authentication via AAD.

 

Did not find what you were looking for? Ask our technical support team.