Prepare Your Application
Enable your application to interact with AuthN
AuthN token and domain
To use AuthN APIs, your application needs to use your AuthN service token and know your Pangea project domain. Even if you authenticate your users at Pangea's Hosted Login, you need to call AuthN APIs to complete user sign-in and optionally maintain the user's session at Pangea. The AuthN Default Token and Domain values can be copied from the AuthN Overview page in the Pangea User Console.
You can also create a separate service token and explicitly associate it with the AuthN service on your Pangea project Tokens page.
A service token provides access to all AuthN APIs, including the user management endpoints.
Never make it public or use it in the frontend of your application.
One option to make the AuthN token and domain values available to your app is exporting them to environment variables:
export PANGEA_DOMAIN="aws.us.pangea.cloud"
export PANGEA_AUTHN_TOKEN="pts_gqmqvv...s7nswu"
Saving tokens in Vault
If you enabled Vault in your Pangea project and saved your AuthN token in Vault, you can use Vault APIs to retrieve a token dynamically by using its Vault ID:
export PANGEA_DOMAIN="aws.us.pangea.cloud"
export PANGEA_VAULT_TOKEN="pts_gqmrck...lposwu"
curl --location "https://vault.$PANGEA_DOMAIN/v1/get" \
--header "Authorization: Bearer $PANGEA_VAULT_TOKEN" \
--header 'Content-Type: application/json' \
--data '{
"id":"pvi_iwbahadwqs2azdedzpghxrqoreyu6xai"
}'
The current version of the token will be included in result.current_version.secret within the response.
{
"result" : {
"current_version" : {
"state" : "active",
"secret" : "pts_2lusam...dj47sy",
...
},
...
},
"status" : "Success",
"summary" : "Pangea token retrieved",
...
}
Was this article helpful?