If you are using an API in Consignor Portal that requires the use of tokens (Client IDs and Client Secrets), this article will explain how to generate it. 

• Creating a Client ID and Client Secret
• Getting an access token

Please note that only "owner" and "admin" users have access to the API Configuration page. Based on the API you are using, you might consider which user type to use. For example, for the container API we recommend using the "owner" while it is recommend to create a specific admin user for the Shipment Data API so you can customize the shipment viewer profile to match the data you want the Shipment Data API to return. If you are unfamiliar with the user types and roles used in Consignor, we recommend reading this article: Understanding user types and roles in Consignor.

Creating a Client ID and Client Secret

1. Log into Consignor Portal with your owner user.
   
   
2. Click on your name in the top right corner and choose Settings.
   
   
   
   
3. Choose API Configuration > Clients in the left side menu.
   
   
   
   
4. On the Clients page, click the Add button.
   
   
   
   
5. In the dialog box that opens up, fill in Display name and Description. Choose a name and a description that will make it easier to identify the token later on. Check the Enable box to enable the token right away. (You may enable or disble the token any time after it has been created).
   
   
   
   
6. Choose the Allowed Scopes. We recommend always to include OpenId and choose your needed API options. 
   
   
   
   
7. Click Save. Your Client Id and Client Secret will now be generated and displayed on the screen. Important: Note the tokens as Client Secret will not be available after you close the popup.
   
   
   
   
8. Click Save to finish creating the token.
   
   
9. The token will now be listed on the Clients page. You can click on a token any time to edit or delete it or to enable/disable it.  If you have a long list of tokens, you can use the filter option in the top to show only enabled or disabled tokens.
   
   

Getting an access token

Use your Client ID and Client Secret to generate an access token needed for other requests to our API. This is done by making a POST request to the following token endpoint:

https://www.consignorportal.com/idsrv/connect/token

Specify the Client ID, Client Secret and grant type in the language and framework used by your company.

Sample:
POST https://www.consignorportal.com/idsrv/connect/token HTTP/1.1
Cache-Control: no-cache
Host: www.consignorportal.com
Content-Type: application/x-www-form-urlencoded

client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=client_credentials

If the request is valid and the client is configured correctly, you will get back a JSON response:

{
    "access_token": "some-real-token-data-dskjfhsuijkdhfgjkasjdgfhqoeiefoiknsoidfgvoiltgjvpdrofjmwpkldujrftvoifgkhbnilsakjprotglijkqp2owrlfjkvmowrifgho2qw9ouejifpe9rodtuj3-0porfij9odtujgw0etioyh",
    "expires_in": 3600,
    "token_type": "Bearer"
}

Further reading

All our new APIs will support an OpenID solution for enhanced security. For more information, please see the OpenId and IdentityServer standard documentation:

• https://www.identityserver.com/articles/an-introduction-to-the-oauth-device-flow
• https://openid.net/connect/
• http://docs.identityserver.io/en/latest/index.html