Authorization

To obtain an authorization token for using the Enneo API, API users have the following options, depending on the use case.

1. User JWT token for development

Users can generate a personal access token by navigating to their profile page and clicking on the "API-Schlüssel erstellen" (Create API Key) button. It is important to save this key because it will only be shown once.

2. Service worker JWT token for periodic tasks

You can utilize a service worker token by selecting an existing service worker or creating a new one in the settings → users → service workers page. Once a service worker is selected, users can create an API key by clicking on the "API-Schlüssel erstellen" (Create API Key) button. It is crucial to save this key as it will only be shown once.

These tokens only expire when revoked / re-created on the users → service workers page.

3. OAuth2 Session token

API service workers or users can log in with Single Sign-On (SSO) credentials using the /api/auth endpoints to obtain a session token. The SSO-backend, typically Microsoft Azure OAuth2 or Google OAuth2 will then validate against enneo. If the validation is successful, enneo will issue a session tokens with a validity of 24 hours which can be used as a credential for API requests. This method is more complex and is therefore typically only chosen in advanced infrastructure setups.

💡

Within AI functions, you do not need to authorize against enneo API endpoints. The SDK will take care of authorization.

Remember to securely store and manage your authorization tokens to ensure the security and integrity of your API interactions.

Using the token

Once you have the token, you can pass it as a Bearer token in the header, as in this example:

curl --header 'Authorization: Bearer eyJhbGciOiJI...' \
	 'https://demo.enneo.ai/api/mind/ticket/6'