Cumulocity IoT Feedback Portal
Add new feedback Subscribe
Status Clarification needed
Workspace Cumulocity IoT Platform Services
Categories Authentication & Authorisation
Created by Florian Huber
Created on Feb 15, 2022

RELATED FEEDBACK

OAuth 2 Client Credentials Support

Hi,


We have the current situation:

  • The primary actor in this scenario on our side is an API, not a human being.

  • We cannot use Basic or OAuth2 Internal authentication due to security requirements of our security department.


We would like to be able to authenticate our API with an identity provider (for us Azure AD) and then use the returned access token to access Cumulocity API.


OAuth2 code grant in this situation is not working nicely. (We would have to spawn up a browser in our API which does the SSO login in order to be able to access Cumulocity API.) As described above the other authentication options, Basic and OAuth2 Internal auth, are not usable by us due to security requirements. JWT token is deprecated by Cumulocity.


Ideally, probably it would be to be able to configure this authentication method similar to the "single sign-on" configuration for SSO code grant.


Thanks,

Florian


  • Attach files
  • Admin
    Jane Porter
    Reply
    |     Jan 23, 2023

    Hi Florian

    We believe the implementation of enabling an external IAM token to be used to gain access to Cumulocity IoT will provide the supported required. If this is not the case we need further clarification and would like a call.

    Thanks, Jane Porter

    Product Manager