Bosch.IdM

The Sign & Encrypt service uses Bosch AD for user authentication. After a successful login, an access token is generated. This token contains all the IdM roles for this user within the specified scopes. It is then used for requests to the Sign & Encrypt service and serves as the basis for authorizing them.

This flow must be used to approve signing tasks when the multi-factor flow is activated. The additional factor is provided either by receiving a phone call or by using an OTP token.

OAuth2 clients

An OAuth2 client follows a standard protocol and can be used to obtain a Suite Auth access token for authenticating your application when using the Sign and Encrypt API endpoints.

The OAuth2 clients UI feature lets you create, list, filter, view, and manage OAuth2 clients, and use them to create access tokens.

Learn how to set up new Suite Auth OAuth2 clients at Set up an OAuth2 client.

Create an ACL rule with type CLIENT

Use the ACL API to create an ACL rule with type "CLIENT" and the Client ID as id.

Follow these steps depending on whether you need a global ACL rule or one for a specific device configuration: