Skip to main content
Version IIoT Core
Hitachi Vantara Lumada and Pentaho Documentation

IIoT Core Services APIs

  1. Last updated
  2. Save as PDF

The IIoT Core Services APIs can be used to access multiple data stores using the Passport API and also provides management plane APIs for certain product features.

Parent Topic
  • Use

    This guide describes the features of the IIoT Core Services UI and how to use them.

Child Topics

Passport API

You can build your application using the IIoT Core Services Passport API to access data.

The IIoT Core Services Passport API supports user authentication for Couch, Influx, Postgres, and MinIO data APIs. This allows you to add or revoke specific users at any time. This provides an additional layer of security for databases since its credentials are not usually required outside the server.

The Passport API authentication enables a proxy service using Kubernetes services for Couch, Influx, Postgres, and MinIO databases (for port numbers, see Port configuration requirements (Core Services)). These ports receive requests that use Keycloak user names and passwords, validates those credentials with Keycloak via OAuth Helper, then sends the request to the appropriate database using the database credentials.

NoteThe Passport API does not support the use of the u and p query parameters, for user name and password respectively, in Influx queries. All authentication must be done using standard basic authentication or OAuth tokens.
Protection from unauthorized data access

When querying the Influx database, make sure to protect from injections that lead to unauthorized data access.

You can opt to use bind parameters. Examples are available on docs.influxdata.com under bind parameters.

Parent Topic
  • IIoT Core Services APIs

    The IIoT Core Services APIs can be used to access multiple data stores using the Passport API and also provides management plane APIs for certain product features.

Management plane REST API

IIoT Core Services provides management plane APIs for the following product features:

  • Asset management (including digital twin support)
  • Alert management
  • Kubernetes resource management

You can access management plane API descriptions, properties, and examples in the IIoT Core Services UI on the Administration tab under API Documentation.

For more information about how to use the management plane API, contact your Hitachi Vantara representative.

Parent Topic
  • IIoT Core Services APIs

    The IIoT Core Services APIs can be used to access multiple data stores using the Passport API and also provides management plane APIs for certain product features.

Generate bearer authorization

To generate a token, you can use Postman or any other REST API client.

Procedure

  1. Run the following REST API call to generate the ID token:

    POST https://<FQDN>:30443/auth/realms/default/protocol/openid-connect/token/
    Bearer authorization form fields Bearer authorization header fields

  2. Get the ID token in response.

  3. In the IIoT Core Services UI, navigate to the Administration tab, then API Documentation.

  4. Click the Authorize button to create the authorization header.

  5. In the Value field, enter the word "bearer" followed by the previously generated bearer ID token to set the authorization header before testing your API.

    Authorize bearer ID token
Parent Topic
  • IIoT Core Services APIs

    The IIoT Core Services APIs can be used to access multiple data stores using the Passport API and also provides management plane APIs for certain product features.