Help for API developers in OAuth2 mode

Introduction

The Help offered by the AIFE will allow you to make the first tests and API calls to qualification then to production. These helps are to be shared with the API developer community. You can contribute to the enrichment of these helps by contacting us by e-mail.

Reminder of pre-requisites

Here are the prerequisites to be able to make API calls in qualification:

These three steps allow you to make API calls in qualification.

1st test API with SOAP UI

Test step by step

1. Principle

The ChorusPro platform allows you to manage invoices sent to institutional clients via webservice. To make the connection, you need: - an identified structure (SIRET of the master company) which possibly supervises other structures (other SIRET) - a manager user (main or secondary) - a technical user account attached to the structure - activate API access rights for this structure.

2. Prerequisites

Install SOAPUI
Have access token via runway

3. Procedure

Before executing the API Chorus Pro call, the user must retrieve an "Access Token". The recovery of this token is described in the PISTE user guide.

In order to make the call, follow the following steps to configure the SOAPui:

From the SOAPui call window, click on "Auth" (red box below)

Following the click, the authentication block is displayed as illustrated below:

Select « Add new authorization », a new window is displayed :

Specify in the "type" field, the value OAuth2.0 and choose a profile

Following validation, the new authorization is created:

Click on « Get Access Token »

In “Oauth 2 Flow” select “Client Credentials Grant”
Copy the Client ID and the Secret Client - which can be retrieved in PISTE as described in the PISTE user guide in the section “6.5 Generating an Api Key” in the PISTE user guide UserGuide_navigation
Fill in the Access Token URL depending on where the call is to be made (Internet zone or ADER). To do this, refer to the section "10.2 List of PISTE access points by partner" of the PISTE user guide UserGuide_navigation
Scope = "openid"
Validate by clicking on Get Access Token

Once the Token access is generated , call the API Chorus Pro call as described below:

The value obtained during the get access Token is automatically entered in the Access Token field (“Authorization” Profile 1 block):

Proceed to the creation of a Header by clicking on the [Headers] button and on the "+":

Enter "cpro-account" as the header name and validate:

When the header is created, enter in the "Value" field the combination "logintechnique: password" encoded in base 64
Execute the API call by clicking on the green arrow and you will then get an answer in the right area (JSON tab).

The expected encoding format: the encoding of the content must be in UTF-8 (Content-Type: charset = UTF-8)

List of PISTE URLs to access the CPRO APIs

Section

Title

As with the execution of the API Chorus Pro call (from soapUi), the user must first retrieve an "Access Token" via the Curl command.

The token is obtained in curl using the following command from the internet:

curl –k –H "content-type :application/x-www-form-urlencoded" –d "grant_type=client_credentials&client_id=XXXXX&client_secret=XXXXXXX&scope=openid" –X POST https://sandbox-oauth.aife.economie.gouv.fr/api/oauth/token

Or the command below from the Interministerial State Network (RIE):

API Consumption in Curl

To consume the API, you must make the following request (by adding the Authorization: Bearer header to each request) from the internet:

curl -k -H "content-type: application/json; charset=UTF-8" -H "Authorization:Bearer <access_token>" -H "cpro-account:<logintechnique:password encodée en base 64>" --data '{votre_body_json}' –X POST https://sandbox-api.aife.economie.gouv.fr/{votre_API}

Or the following command from the inter-ministerial network of the State (RIE):

The response returned is similar to the screenshot below:

Last Update: March 6, 2020

5770