# Generate API Token with Service Principal Client ID and Secret

Note that a service principal to securely connect to AppDynamics public APIs on your Cloud Tenant has already been created for this lab. We reviewed this in the last section as the information you would receive in your reservation:

![alt text](https://github.com/prathjan/images/blob/main/reserve3.png?raw=true)

You will now execute AppDynamics API requests to get an API token with the client key and secret of the service principal provided to you as highlighted in the above diagram.

There are two client configurations that can be used to generate the API tokens:

    * Basic authentication where client credentials are sent in the basic authorization header
    
    * Post authentication where the client credentials are sent in the request body

Let's try both configurations here. Following are the steps that will be executed in this section:

    * Set global variables
    
    * Generate tenant ID
    
    * Generate an API token using POST authentication
    
    * Generate an API token with Basic authentication
    
For more details on Service principals, please refer to the following documentation: https://developer.cisco.com/docs/appdynamics/authentication/#!appdynamics-cloud-oauth-api-appdynamics-cloud-oauth-api/overview

Click Run either from the menu above OR the Run button in each code block. Make sure you follow the steps laid out as below in sequence for best experience. Skipping steps may lead to errors.

After you click Run, executions in progress will be denoted by "ln[*]"

PLEASE WAIT FOR EXECUTION TO COMPLETE.


## Set sandbox parameters

Sandbox Parameters to be set has already been provided to you in the reservation UI as highlighted in the disgram below: 

![alt text](https://github.com/prathjan/images/blob/main/reserve1.png?raw=true)

You can copy the values from your reservation window above and copy it in the box below:


In [4]:
%env APPD_CLIENTID_POST=<provided in the Sandbox above>
%env APPD_SECRET_POST=<provided in the Sandbox above>
%env APPD_CLIENTID_BASIC=<provided in the Sandbox above>
%env APPD_SECRET_BASIC=<provided in the Sandbox above>
%env TENANT_NAME=cisco-devnet
%env AWS_ACCESS_KEY=<provided in the Sandbox above>
%env AWS_SECRET_KEY=<provided in the Sandbox above>
%env AWS_CONNECTION_NAME=<provided in the Sandbox above>
%env NEW_SOLUTION_NAME=patsolution1
%env EXT_SOLUTION_NAME=fmm

env: APPD_CLIENTID_POST=<provided in the Sandbox above>
env: APPD_SECRET_POST=<provided in the Sandbox above>
env: APPD_CLIENTID_BASIC=<provided in the Sandbox above>
env: APPD_SECRET_BASIC=<provided in the Sandbox above>
env: TENANT_NAME=cisco-devnet
env: AWS_ACCESS_KEY=<provided in the Sandbox above>
env: AWS_SECRET_KEY=<provided in the Sandbox above>
env: AWS_CONNECTION_NAME=<provided in the Sandbox above>
env: NEW_SOLUTION_NAME=patsolution1
env: EXT_SOLUTION_NAME=fmm


## Set Globals

Execute this to set the globals for this notebook.

In [5]:
import os, random

aws_key = os.getenv('AWS_ACCESS_KEY')
aws_secret = os.getenv('AWS_SECRET_KEY')
aws_conn_name = os.getenv('AWS_CONNECTION_NAME')
#use the same name for connection and config
aws_conf_name = os.getenv('AWS_CONNECTION_NAME')
sol_name = os.getenv('NEW_SOLUTION_NAME')
ext_sol_name = os.getenv('EXT_SOLUTION_NAME')
%store aws_key
%store aws_secret
%store aws_conn_name
%store aws_conf_name
%store sol_name
%store ext_sol_name
print("Globals set:")
print("Using Aws_Key:" + aws_key)
print("Using Aws_Secret:" + aws_secret)
print("Using Aws_Connection_Name:" + aws_conn_name)
print("Using Aws_Config_Name:" + aws_conf_name)

Stored 'aws_key' (str)
Stored 'aws_secret' (str)
Stored 'aws_conn_name' (str)
Stored 'aws_conf_name' (str)
Stored 'sol_name' (str)
Stored 'ext_sol_name' (str)
Globals set:
Using Aws_Key:<provided in the Sandbox above>
Using Aws_Secret:<provided in the Sandbox above>
Using Aws_Connection_Name:<provided in the Sandbox above>
Using Aws_Config_Name:<provided in the Sandbox above>


## Generate Tenant ID

Given the tenant name, the following API call returns the tenant ID. Please click "Run" above to execute this API call and get the tenant ID. You will need this to execute the Configuration and Connection API's:

In [None]:
import json,requests, os

def get_ten_id(ten_name):
    tenurl = "https://observe-tenant-lookup-api.saas.appdynamics.com/tenants/lookup/" + ten_name + ".observe.appdynamics.com"
    headers = {
        'Accept': '*/*'
    }
    response = requests.request("GET", tenurl, headers=headers)
    if response.ok:
        json_object = json.loads(response.text)
        ten_id = json_object['tenantId']
        return ten_id
    else:
        return None

#Get tenant ID given the tenant name
ten_name = os.getenv('TENANT_NAME')
ten_id = get_ten_id(ten_name)
if not ten_id:
    print("Could not get Tenant ID. Cannot proceed with other API's.")
else:
    os.environ['TEN_ID'] = ten_id
    print("Using Tenant ID:" + ten_id)


## Generate token with POST authentication

In [None]:
import os

def get_token(ten_id, cl_id, cl_secret):
    tokenurl = base_url + "/auth/" + ten_id + "/default/oauth2/token"
    print(tokenurl)
    payload='grant_type=client_credentials&client_id=' + cl_id + '&client_secret=' + cl_secret
    
    print(payload)
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded'
    }
    response = requests.request("POST", tokenurl, headers=headers, data=payload)
    if response.ok:
        token_json = response.json()
        return(token_json['access_token'])
    else:
        return None

cl_secret = os.getenv('APPD_SECRET_POST')
cl_id = os.getenv('APPD_CLIENTID_POST')
ten_id = os.getenv('TEN_ID')
ten_name = os.getenv('TENANT_NAME')
base_url = 'https://' + ten_name + '.observe.appdynamics.com'
appd_token = get_token(ten_id, cl_id, cl_secret)
if not appd_token:
    print("Could not get API Token. Cannot proceed with other API's.")
else:
    print (appd_token)
    %store appd_token
    %store base_url

## Generate token with Basic authentication

In [None]:
import base64, os

def get_token_bas():
    cl_secret = os.getenv('APPD_SECRET_BASIC')
    cl_id = os.getenv('APPD_CLIENTID_BASIC')
    bas_string = cl_id + ":" + cl_secret
    bas_string_bytes = bas_string.encode("ascii")
  
    base64_bytes = base64.b64encode(bas_string_bytes)
    base64_string = base64_bytes.decode("ascii")
  
    tokenurl = base_url + "/auth/" + ten_id + "/default/oauth2/token"
    print(tokenurl)
    payload='grant_type=client_credentials'
    
    print(payload)
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': 'Basic ' +  base64_string
    }
    response = requests.request("POST", tokenurl, headers=headers, data=payload)
    if response.ok:
        token_json = response.json()
        return(token_json['access_token'])
    else:
        return None
    
ten_name = os.getenv('TENANT_NAME')
base_url = 'https://' + ten_name + '.observe.appdynamics.com'
appd_token = get_token_bas()
if not appd_token:
    print("Could not get API Token. Cannot execute other API's.")
else:
    print (appd_token)
    %store appd_token
    %store base_url

## Next Steps

In the next section, we shall use the API token to create a AWS Cloud Configuration.