Skip to content

How to generate a bearer token?

When to generate a bearer token?

You must generate a bearer token before using any SAFE web APIs. The access (bearer) token is used to authenticate and authorize the requests made to SAFE Application or SAFE Swift web APIs.

How to generate a bearer token?

This code snippet is written in C# and it is used to obtain an access (bearer) token from the FRMSC SAFE Token API. This API is part of Client Credentials flow of OAuth2.0 specification. The program uses the following libraries:

  • IdentityModel.Client
  • Newtonsoft.Json
  • Safe_API_Demo_Client.Models
  • System.Text

Here are the steps to follow:

Step 1: Set the variable values

Set the identityUrl, clientId, clientSecret, and scope variables to their respective values.

var identityUrl = "https://identity-eu.frmsc.com";
var clientId = "[Your_ClientId]";
var clientSecret = "[your_ClientSecret]";
var scope = "frmsc_safe_upload_api";
  • The identityUrl variable should be set to the URL of the identity (token) server.
  • The clientId and clientSecret variables should be set to the client ID and client secret you can generate from FRMSc web app.
  • The scope variable should be set to the scope of the API you want to access. FRMSc APIs support two scopes - frmsc_safe_upload_api and frmsc_fast_safe_api. Set the scope to:
    • frmsc_safe_upload_api for FRMSc's SAFE Application API, and
    • frmsc_fast_safe_api for FRMSc's SAFE Swift API /api/Processor/ProcessFatigue endpoint
    • frmsc_fast_safe_risk_api for FRMSc's SAFE Swift API /api/Processor/ProcessFatigueRisk endpoint

Step 2: Initiate request

Create an instance of the HttpClient class and set its BaseAddress property to the value of the identityUrl.

HttpClient client = new HttpClient();
client.BaseAddress = new Uri(identityUrl);

Step 3: Inititiaze Open ID

Call the GetDiscoveryDocumentAsync method of the HttpClient instance to retrieve the OpenID Connect discovery document for the identity server. This document contains information about the endpoints and configuration of the identity server.

var openIdDiscoveryDocument = client.GetDiscoveryDocumentAsync(identityUrl).GetAwaiter().GetResult();

Step 4: Create request body

Create a new instance of the ClientCredentialsTokenRequest class and set its properties to the values of openIdDiscoveryDocument.TokenEndpoint, clientId, clientSecret, and scope. The grant_type is pre-set in the OpenID Connect discovery document.

var request = new ClientCredentialsTokenRequest
{
    Address = openIdDiscoveryDocument.TokenEndpoint,

    ClientId = clientId,
    ClientSecret = clientSecret,
    Scope = scope
};

Step 5: Send the request

Call the RequestClientCredentialsTokenAsync method of the HttpClient instance with the ClientCredentialsTokenRequest instance as a parameter to obtain an access (bearer) token.

var tokenResponse = await client.RequestClientCredentialsTokenAsync(request);
if (tokenResponse != null)
{
    return tokenResponse.AccessToken;
}
else
{
    Console.WriteLine("Authentication failed");
    throw new Exception("Authentication failed");
}

If the tokenResponse object is not null, return the AccessToken property of the tokenResponse object. Otherwise, print Authentication failed to the console and throw an exception.

Complete Code

using IdentityModel.Client;
using Newtonsoft.Json;
using Safe_API_Demo_Client.Models;
using System.Text;

namespace Safe_API_Demo_Client
{
    public static class Identity
    {
        public static async void Run()
        {
            var identityUrl = "https://identity-eu.frmsc.com";            

            var clientId = "[Your_ClientId]";
            var clientSecret = "[your_ClientSecret]";
            var scope = "frmsc_safe_upload_api";
            var accessToken = await Authenticate(identityUrl, clientId, clientSecret, "frmsc_fast_safe_api");

        }

        static async Task<string> Authenticate(string identityUrl, string clientId, string clientSecret, string scope)
        {
            HttpClient client = new HttpClient();
            client.BaseAddress = new Uri(identityUrl);

            var openIdDiscoveryDocument = client.GetDiscoveryDocumentAsync(identityUrl).GetAwaiter().GetResult();

            var request = new ClientCredentialsTokenRequest
            {
                Address = openIdDiscoveryDocument.TokenEndpoint,

                ClientId = clientId,
                ClientSecret = clientSecret,
                Scope = scope
            };

            var tokenResponse = await client.RequestClientCredentialsTokenAsync(request);
            if (tokenResponse != null)
            {
                return tokenResponse.AccessToken;
            }
            else
            {
                Console.WriteLine("Authentication failed");
                throw new Exception("Authentication failed");
            }
        }
    }
}