cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Okta Bearer Token for API call

seangly
New Contributor III

‎03-22-2024 02:26 PM

Hi Community,

We are trying to set up Rest API call to execute Data Management (OneStream v8.1) call from external system (e.g. Postman)

I followed the document for REST_API_Implementation_Guide.pdf and I am not able to configure the Bearer Token (we are using Okta as Single Sign-on). 

seangly_0-1711131948080.png

 

seangly_1-1711131970442.png

This is not working,  I am wondering if something need to be done on the Okta beside the steps in the document;

 

Labels:
0 Kudos
8 REPLIES 8

DanielWillis
Contributor III

‎03-24-2024 06:14 PM

Which part isn't working exactly? What are you encountering?

Looking at your screenshots it kinda looks like you're trying to get a bearer token from your ExecuteStep call instead of before the ExecuteStep call?

Based on what you're doing, you should be doing a call to get the Bearer token from Okta, using your code to store it in a variable on the test tab, then using that variable in the ExecuteStep call

0 Kudos

seangly
New Contributor III
In response to DanielWillis

‎03-25-2024 07:52 AM

Hi Daniel,

That is correct, I am doing it in the same call.  I am not familiar with Postman so when you says doing a call to get the Bearer token from okta, will have a sample on the setup?  

That is my missing part, getting the Bearer token before I can execute any Api to OneStream.

Regards,

Seang

0 Kudos

DanielWillis
Contributor III
In response to seangly

‎03-25-2024 06:09 PM

I've only used Azure so don't have an example. A quick google didn't seem to be super helpful but it looks like there are a few video tutorials about it.

Basically you create a new request which connects to Okta and will retrieve a new bearer token. On the test tab of that request you have your set variable command which you tried above. Most likely this bearer token will have a timelimit of say 60 minutes so you will need to run it every time you want to test things, prior to running your OneStream request.

Then on your OneStream request you will populate your bearer token variable into the bearer token field.

0 Kudos

seangly
New Contributor III
In response to DanielWillis

a month ago

Hi Daniel,

I am getting close to the solution, like you said it's a two part call.  First is the create that Token and put it into a variable and then use that variable as part of the OneStream API call.  

Thank for your help

Regards,

blakedeckard
New Contributor II

3 weeks ago

Are you using OneStream Identity Server? I believe it is required for v8+ in the cloud.

If so, you will need to create personal access tokens in OneStream and place them directly in the authorization tab in Postman.

Access the Manage Personal Access Tokens Page (onestream.com)

0 Kudos

seangly
New Contributor III
In response to blakedeckard

3 weeks ago

It is a two steps process once the Okta has been configured correctly:

1. We were able to get the bearer token using the correct Okta link and save it into a variable (Postman)
2. USed that vairable in the bearer token (Authentication tab) to call OS API to execute DM job

0 Kudos

blakedeckard
New Contributor II
In response to seangly

3 weeks ago

Per this documentation, I believe that all customers v8 and above will use OIS, which no longer has the steps of getting the bearer token and uses the personal access token. If you are able to get bearer tokens to work on v8+, then I would be interested to know about it as this would be a deviation from my understanding.

OneStream Identity Server (OIS) Content - OneStream Community (onestreamsoftware.com)

0 Kudos

seangly
New Contributor III
In response to blakedeckard

3 weeks ago

Yes you right for OIS, that implementation was for version 7.1.1 on-premises

0 Kudos
Please sign in! seangly
Community Resources
Training and Documentation
Additional Resources