To obtain an authorization token for using the Enneo API, API users have several options depending on the use case.

1. User JWT token for development

Users can generate a personal access token by navigating to their profile page and clicking on the “Create API Key” button. It is critical to save this key as it will only be shown once.

2. Service worker JWT token for periodic tasks

A service worker token can be utilized by selecting an existing service worker or creating a new one in the settings → users → service workers page. Once a service worker is selected, an API key can be created by clicking the “Create API Key” button. It is crucial to save this key because it will only be shown once. These tokens only expire when revoked or re-created on the users → service workers page.

3. OAuth2 Session token

API service workers or users can log in with Single Sign-On (SSO) credentials using the /api/auth endpoints to obtain a session token. The SSO-backend, typically Microsoft Azure OAuth2 or Google OAuth2, then validates against Enneo. If the validation is successful, Enneo issues session tokens with a validity of 24 hours which can be used as credentials for API requests. This method is more complex and hence is typically only chosen in advanced infrastructure setups.
Within AI functions, authorization against Enneo API endpoints is not needed. The SDK handles authorization.
Be sure to securely store and manage authorization tokens to maintain the security and integrity of API interactions.

Using the token

Once the token is available, it can be passed as a Bearer token in the header, as illustrated in this example: 
curl --header 'Authorization: Bearer eyJhbGciOiJI...' \
     'https://demo.enneo.ai/api/mind/ticket/6'