ManageEngine SDP: Generate Token
On-Premise
In the on-premise deployment of ManageEngine SDP, you need to provide the Auth Token to access the APIs. It is used for authentication. Every user with login permission can generate an Auth Token with/without an expiry date.
Steps to generate the Auth Token
Perform these steps to generate Auth Token.
- Go to 'Admin -> Technicians’.
- To generate an API key for an existing technician, click the Edit icon beside that Technician and to generate the API key for a new technician, click the Add New Technician link, enter the Technician details and provide login permission.
- Click Generate link under the API key details block.
- Select a time frame for the key to expire using the Calendar icon, or simply retain the same key perpetually.
- If a key is already generated for the Technician, a Re-generate link appears.
- A time frame for the key is selected, within which the key expires. Use this Auth Token in the ManageEngine SDP plugin steps connection parameters.
Cloud
ManageEngine ServiceDesk Plus Cloud APIs use selected scopes, which control the type of resource that the client application can access. Tokens are usually created with various scopes to ensure improved security. Scopes contain three parameters — service name, scope name, and operation type. The format to define scope is
“Scope = SDPOnDemand.scope_name.operation_type”
Example: scope=SDPOnDemand.problems.ALL Here, “SDPOnDemand” is the service name, “problems” is the scope name, and “ALL” is the operation type. You can find the list of available scopes with their description on this link https://www.manageengine.com/products/service-desk/sdpod-v3-api/SDPOD-V3-API.html#scopes
One or more scopes can also be mentioned as comma-separated in scope.
Steps to generate the Refresh Token
Generate Client ID, Client Secret and Refresh token for connection to Manage Engine SDP.
- Register your application with ManageEngine ServiceDesk Plus Cloud API.
- To register, go to appropriate Zoho Developer Console URL depending on Data Centre selected when creating the ManageEngine SDP account. (https://www.manageengine.com/products/service-desk/sdpod-v3-api/getting-started/data-centers.html).
- Choose Self Client from the list of client types, and click Create Now.
- Click OK in the pop-up to enable a self-client for your account.
- Now, your client ID and client secret are displayed under the Client Secret tab.
- Click the Generate Code tab and enter the required scope separated by commas. Refer to our list of Scopes, for more details. The system throws an ‘Enter a valid scope’ error when you enter one or more incorrect scopes.
- Select the Time Duration for which the grant token is valid.
After the time duration, the grant token expires.
- Enter a description and click Generate.
- The generated code for the specified scope is displayed. Copy the grant token.
- Make a POST request with the appropriate Accounts Server URL depending on Data Centre of the ManageEngine SDP instance. (https://www.manageengine.com/products/service-desk/sdpod-v3-api/getting-started/data-centers.html). For example: https://accounts.zoho.com/oauth/v2/token https://accounts.zoho.in/oauth/v2/token https://accounts.zoho.in.au https://accounts.zoho.eu https://accounts.zoho.in.cn
Request Parameters
| Parameter | Description |
|---|---|
| code | Enter the Grant Token / Authorization Code generated from the previous step. |
| grant_type | Enter the value as "authorization_code". |
| client_id | Specify client-id obtained from the connected app. |
| client_secret | Specify client-secret obtained from the connected app. |
| redirect_uri | Specify the Callback URL that you registered during the app registration. E.g. https://www.postman.com |
If the request is successful, you will receive the following output:
{
"access_token": "1000.2370ff1fd75e968ae780cd8d14841e82.03518d2d1dab9c6c4cf74ae82b89defa",
"refresh_token": "1000.2afabf2f5a396325e88f715c6de34d12.edce6130ca3832a14e5f80d005a5324d",
"token_type": "Bearer", "expires_in": 3600
}