This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
NTLM Grant
NTLM is the successor of the authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product, and attempts to provide backwards compatibility with LANMAN. You can obtain an access token to your API in an API Manager instance running on Windows by providing a valid NTLM token as an authorization grant. The steps are given below:
Invoking the Token API to generate tokens
- Get a valid consumer key and consumer secret pair. Initially, you generate these keys through the API Store by clicking the Generate Keys button on the Production Keys tab of the application.
Combine the consumer key and consumer secret keys in the format consumer-key:consumer-secret and encode the combined string using base64 ( http://base64encode.org ).
In order to generate an access token with NTLM, you must have an NTLM token.ÂGenerate an NTLM token by running the sample provided in theÂ
<APIM_HOME>/samples/NTLMGrantClient
directory. See theReadme.txt
 in the same folder for instructions.Invoke the token API in the following manner to get an access token.
The value of thewindows_token
in the following command is the NTLM token that you generated in the previous step.curl -k -d "grant_type=iwa:ntlm&windows_token=<give the NTLM token you got in step 3>" -H "Authorization: Basic <give the string you got in step2>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
Note that for users to be counted in the Registered Users for Application statistics which takes the number of users shared each of the Application, they should have to generate access tokens using Password Grant type.