Application access

Open

An external system must be identified in Usage Engine before it interacts with the platform’s APIs. An admin user can create and manage this identity via the Application access tab.

Open

Application access tab

Usage Engine uses the OAuth 2.0 protocol to secure access to its APIs. It supports automated, system-to-system (machine-to-machine) requests where no user is involved, by using the Client Credentials authorization flow. In this flow, applications authenticate themselves using their own credentials to obtain access tokens, enabling secure API access without requiring a user login.

To access protected resources, your application must request an access token from the Authorization Endpoint (authentication/v1/oauth/token). The process works as follows:

1. Token Request:
   The external application sends its credentials directly to the authorization server at the specified endpoint.

2. Token Grant:
   The authorization service verifies the credentials and, if valid, issues an access token to the application.

3. API Access:
   The application presents this access token when calling the Usage Engine API. The API validates the token and, if it is valid, grants access to the requested resource.
   No user is involved in this process; the application authenticates itself directly.

This section has the following subsections: