How to Authenticate with the Data Manager

When invoking any endpoint of the Data Manager, it is necessary to authenticate.

Before proceeding further, it is essential that the reader be able to answer the following questions:

1. Is the Data Manager of the project enabled to work without authentication?

2. Is the Data Manager of the project enabled to receive "Basic" type authentication?

3. Am I able to retrieve a "Bearer" token for the project?

To answer questions 1 and 2, you can analyze the keys F40_ANDON_AUTH_ENABLED and F40_BASIC_AUTH_ENABLED in the project's docker-compose.yml or in the environment variables. If the first key is set to "True," it allows bypassing authentication, while the second, if set to "True," enables authentication using Basic Auth instead of Bearer Auth. It is recommended to contact the project administrator to retrieve this information.

Setting the F40_ANDON_AUTH_ENABLED key to "True" is strongly discouraged as it exposes the data to access by anyone who can use the Data Manager service, since no checks will be performed on the requests received.

If the answer to question 3 is no, it is advisable to read the following guide:

About | MAT Auth Manager - EN40factory.gitbook.io

Data Manager Without Authentication

If the current project's Data Manager does not require any type of authentication, then to invoke its endpoints, it is sufficient to specify in the Header of each call the "Authorization" key set to the same value as the key

F40_DM_MAT_ENVIRONMENT 

found in the backend component's configuration file. This name is the same used by the Data Manager to identify the project.

Data Manager with Basic Authentication

Basic authentication within the Data Manager is enabled if the following key is set to True.

F40_BASIC_AUTH_ENABLED = True

This key can be found among the environment variables of the service or within the docker-compose.yml file.

If this type of authentication is enabled, it is necessary to retrieve your credentials for Basic Auth. To authenticate, you must insert into the Header of the call a key named "Authorization" which must contain a string composed as follows:

"Basic " + "myUser:myPassword in b64encode"

where the part "myUser:myPassword in b64encode" is a base64 representation of the user credentials (username and password) separated by a colon ":" . Below is an example of a Header.

''''''''''''''' HEADER '''''''''''''''
{
    "Authorization" : "Basic bWF0ZGW2OmM1MjBkNzY5NDJmNDQ3MDI5ZjdiNTQyZTExOTcyNDQ4"
}

For the convenience of the reader, below is a brief Python script that can be used to generate the string from your own credentials:

from base64 import b64encode
MAT2_CLIENTID = "matdev"
MAT2_SECRET = "c520d76742f447029f7b542e31972448"
print(f"Basic {b64encode(f'{MAT2_CLIENTID}:{MAT2_SECRET}'.encode('utf-8')).decode()}")

Data Manager with Bearer Authentication

The Data Manager is always capable of working with Bearer type authentication.

To authenticate, it is necessary to insert into the Header of the call a key named "Authorization" associated with a value that follows the format of the string shown below:

"Bearer " + "yourToken"

The string "yourToken" must be replaced with the token you wish to use. This token can be generated at your own authentication service or through the use of the Auth Manager service.

The guide to using the Auth Manager is as follows:

About | MAT Auth Manager - EN40factory.gitbook.io

In addition to the "Authorization" key, a second key named "Env-Name" must be added, which allows the project for which authentication is desired to be recognized. The value to be specified inside is equal to the string specified in the key F40_APP_NAME of the Backend within the docker-compose.yml file or in the configuration file of the Backend service.

An example of a Header is also provided:

''''''''''''''' HEADER '''''''''''''''
{
    "Authorization" : "Bearer bWF0ZGW2OmM1MjBkNzY5NDJmNDQ3MDI5ZjdiNTQyZTExOTcyNDQ4",
    "Env-Name" : "myAppName"
}