The following chapters describe the configuration of “Service Token Authentication”. Service tokens can be used to authenticate at a Fabasoft Folio Web Service.
Authentication with service tokens allows end users to generate time limited access tokens for interface interactions. External applications can use those tokens to authenticate as the corresponding user.
Tokens can also be revoked by the user.
Service token authentication can only be enabled as an alternative authentication method in combination with SAML. To enable service token authentication, the environment variable FSCVEXT_ALTAUTHMETH must be set for a host or web service.
Furthermore, the authentication method must be enabled via the property Enable Passwords for Applications (FSCOWS@1.1001:staccess) in the web service configuration. Additionally, the web service definition must set the Commonly Usable (FSCOWS@1.1001:webservicecommon) property.
To access the functionality of generation tokens the menu Access for Applications (FSCVENVUI@1.1001:MenuShowAppAccess) has to be customized to be visible for end users.