Enhancing authentication using API Keys
Use API Keys to authenticate a command line or application easily and quickly.
You can create both Personal and Service API Keys in the Dynamic Workload Console and easily assign them to either specific users or groups. A comprehensive API Keys monitoring tool gives you full control over every valid, expiring and expired API Key that have been associated with an engine. For more information, see Authenticating the command line client using API Keys topic in the Documentation.
You can use API Keys to authenticate the command line. You can use an API Key to get authenticated when you launch composer, conman, wappman, and ocli commands, instead of having to provide username and password as in previous versions.
To use the API Key with these commands, you need to have a specific set of authorizations defined in the security file, so that you can generate and retrieve the key from the Dynamic Workload Console. To find out the required authorizations, see Object type - file topic in the Documentation.
To generate the key from the Dynamic Workload Console, perform the steps listed in Authenticating the command line client using API Keys.
After generating the token, you can either specify it in the command line with the -jwt parameter, or add it in the useropts file.
For more information about adding JWT in the useropts file, see Setting user options topic in the Documentation.
For more information about using JWT with commands, see Running the composer program, Running the conman program, wappman command.
You can also use the API Key to authenticate the master domain manager when installing the agents. This authentication allows the product to download the JWT or the certificates to be used for secure communication between master domain manager and dynamic agents. If you provide the API Key (with the apikey parameter), you no longer need to specify username and password (wauser and wapassword parameters) as in previous versions.
For more information about using the API Key for authentication purposes, see Agent installation parameters - twsinst script, Certificates download to dynamic agents - AgentCertificateDownloader script and Example installation commands topics in the Documentation.
Ensure there are no misalignments in date and time in your network nor significant network delays because this might impact JWT performance.