REST API Authentication and Authorization
Authentication
GoPlant uses a basic authentication model. In this model, the user encodes their username and password using Base64 encoding. These encoded credentials are then passed in each API call as the Authorization element of the request header. The credentials are used to determine if the user is authorized to perform the operation.
The following is an example of encoding credentials and creating the request header in PowerShell.
# Define clear text string for username and password
[string]$userName = 'GoPlant-Reporter'
[string]$userPassword = 'P@ssw0rd'
$pair = "$($userName):$($userPassword)"
# Encode the credentials using Base64
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair))
$basicAuthValue = "Basic $encodedCreds"
# Construct the request header
$RequestHeader = @{
"X-Api-Version" = 101
"Authorization" = $basicAuthValue
}
MS Entra Authentication
For sites which use MS Entra Authentication for GoPlant website and mobile device authentication, basic authentication and GoPlant credentials are used to access the REST API.
The username is the same for both MS Entra and basic authentication. The GoPlant password for the REST API can be set by clicking on the user icon on the webpage's home screen:
Once you have set the GoPlant password, website authentication is performed as described above. Please reach out to SKF GoPlant support if you have issues setting GoPlant credentials or authenticating against the GoPlant REST API.
Authorization
The GoPlant REST API supports read requests, GETs, and write requests, PUTs. All GET requests require that the user has the reporter role. All PUT requests require that the user has the editor role.
Additionally, most GoPlant REST API calls are scoped based upon the user's storage group. The scoping of each endpoint is described in the documentation for that endpoint.