...
Analysts and developers of integrators who want to call a secured Informatie Digitaal Vlaanderen API and need to know how to authorize.
...
- Help you decide the most suitable method to connect to the Informatie Digitaal Vlaanderen REST APIs
- Provide a step-by-step explanation of how to get authorization to use the secured Informatie Digitaal Vlaanderen REST APIs with your chosen method.
Terminology
Term | Definition |
---|---|
Resource Owner | The entity that can grant access to a protected resource. Typically, this is the end-user. |
Client | An application requesting access to a protected resource on behalf of the Resource Owner. |
Resource Server | The server hosting the protected resources. These are typically the secured |
Digitaal Vlaanderen REST APIs. | |
Authorization Server | The server that authenticates the Resource Owner and issues Access Tokens after getting proper authorization. In this case this is the |
Digitaal Vlaanderen Authorization Server ( |
authenticatie.vlaanderen.be) | |
Access Token | A credential that can be used by an application to access an API. |
Refresh Token | A long-lived token that is used to obtain a new Access Token after a previous one has expired. |
JSON Web Key | A JavaScript Object Notation (JSON) data structure that represents a cryptographic key. This will be used to establish asynchronous authentication. |
How to obtain your oauth Client from
...
Digitaal Vlaanderen?
Register your Client with Informatie Vlaanderen by sending an e-mail with the following information (preferrably in Dutch) to informatie.vlaanderen@vlaanderen.be.
- A descriptive name of your client. It helps Informatie Vlaanderen to identify your integration.
Example: Telco-GIPODplatform - A short description of the business use.
Examples:- Nachtelijke synchronisatie van GIPOD-innames.
- Voor de integratie van KLIP-planaanvragen.
- The username(s) (at least one) of the client administrators.
If you don’t have a user account yet, you can register at https://beta.oauth.vlaanderen.be - The list of scopes your client needs to access the API (consult the documentation of the API).
- Your integration scenario:
- Client Credentials Grant
- Authorization Code Grant
- Authorization Code Grant for web (+ include one or more redirection URLs of your web application)
Our helpdesk will set up the requested oauth client and send an e-mail containing a link to a page to manage his registered client(s).
Next step: find the most suitable way to connect.You can obtain access to the GIPOD API trough the self-service portal "Beheerderportaal". There are two environments:
- Beheerderportaal T&I, connected to the GIPOD beta environment
- Beheerderportaal production, connected tot the GIPOD production environment