NTLM is the successor of the authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product, and attempts to provide backwards compatibility with LANMAN. You can obtain an access token to your API in an API Manager instance running on Windows by providing a valid NTLM token as an authorization grant. The steps are given below:
Invoking the Token API to generate tokens
- Get a valid consumer key and consumer secret pair. Initially, you generate these keys through the API Store by clicking the Generate button on the My Subscriptions page.
Combine the consumer key and consumer secret keys in the format consumer-key:consumer-secret and encode the combined string using base64 ( http://base64encode.org ).
In order to generate an access token with NTLM, you must have an NTLM token.Generate an NTLM token by running the sample provided in the
<APIM_HOME>/samples/NTLMGrantClient
directory. See theReadme.txt
in the same folder for instructions.Invoke the token API in the following manner to get an access token.
The value of thewindows_token
in the following command is the NTLM token that you generated in the previous step.curl -k -d "grant_type=iwa:ntlm&windows_token=<give the NTLM token you got in step 3>" -H "Authorization: Basic <give the string you got in step2>" -H "Content-Type: application/x-www-form-urlencoded" https:// ocalhost:8243/token