Quick Start¶
Getting started with using Accounts APIs involves the following steps:
- Create an account and a machine user.
- Create a JSON Web Token (JWT) by using the machine user credentials.
- Make API requests using the JWT.
Note
In the following examples we are:
making use of a Linux/MacOS shell in which environmental variables are set using the
export-command. In other environments it may be different, e.g. Windows uses theset-command instead.using the
curlas a client. But the API can be used in any programming language with an HTTP Client, e.g. Go, Python, NodeJS, Javascript and Java.
Create an account and a machine user¶
The Getting Started page documents the required steps to get a hold of the clientId, clientSecret.
Create a token¶
Use the values described in the Authorization- section to construct the Create Token request.
Example request¶
export CLIENT_ID=<YOUR_CLIENT_ID>
export CLIENT_SECRET=<YOUR_CLIENT_SECRET>
curl https://siemens-bt-015.eu.auth0.com/oauth/token \
-H 'content-type: application/json' \
-d "{
\"client_id\":\"$CLIENT_ID\",
\"client_secret\":\"$CLIENT_SECRET\",
\"audience\":\"https://horizon.siemens.com\",
\"grant_type\":\"client_credentials\"
}"
To run this example yourself, set the CLIENT_ID and CLIENT_SECRET first.
Example response¶
{
"access_token": "eyJ0eXAiOiUSJ9.eyJpc3MiOiJdGlhbHMifQ.MJpcxLfyOt",
"token_type": "Bearer",
"expires_in": 86400
}
The token, or JWT (JSON Web Token), is the value of the access_token-property in the response. You can now use it by passing it in the Authorization-header of any subsequent API requests. The expires_in-property represents the number of seconds your token is valid, usually, the value corresponds to 24 hours. When this time has elapsed you will need to create a new token.
Store the token in your TOKEN-environmental variable
export TOKEN=<YOUR_TOKEN>
Now you have all you need to start using the API.
Make API requests¶
This guide will take you through the steps you need to:
- Find out which partitions you can access
- Getting additional information about Partitions and Customers
List your UserGroups¶
The first step to perform is to list the UserGroups you have access to. This you can do by performing the Get the usergroups of the caller operation i.e. GET me/usergroups.
curl -H "Authorization: Bearer $TOKEN" \
"https://api.bpcloud.siemens.com/accounts/me/usergroups"
The response contains all information about all UserGroups you (the machine user) has access to. If you have a large number of UserGroups you may need to retrieve multiple pages, see Pagination.
The most important information given for each UserGroup is the following:
| Property | Description |
|---|---|
relationships.authorizedAs | A list of Roles that the UserGroup has |
relationships.hasAccessTo | A list of Partitions that the UserGroups has access to |
relationships.ownedBy | A reference to the owning Customer |
You have access to each partition mentioned above and are now able to use any other API e.g. Building Operations API with these partitions. To learn how to get then names of each Partition and Company please proceed to the next section.
List Partitions¶
Before you continue, store one of the Customer IDs for which you have access in an environmental variable, you can get the using the Get the usergroups of the caller operation as described above.
export CUSTOMER=8db4216d-61c5-4e79-8558-164aa179bfe9
To get more information about each of your Partitions you can use the List Partitions for customer operation. Below we specify the include-parameter to include the Company name of each Partition in the included section of the response.
curl -H "Authorization: Bearer $TOKEN" \
"https://api.bpcloud.siemens.com/accounts/customers/$CUSTOMER/partitions?include=ownedByCustomer.name"
You can repeat this operation for each of the Customers you have access to.
Note
For more details on deprecation policies and common API features such as paging, filtering and errors, refer to the Developer's Guide.