Invalid Apikey when generating access token for Core Content App

Hello @KamelMsalmi ,

Let me explain a bit the concepts behind API access and our SaaS apps.

Core Content is a SaaS application that has 2 layers: the backend (which has all the REST API services to upload/download/manage documents and data) and the frontend (which allows you to embed and communicate with the UI portion).

When you get a Core Content Subscription, you get access to the frontend part. In the admin center you can manage different users, groups, authentication, etc. Under the Integrations part, yes, you can define a new Service Client but that will allow you to get an access token for the UI integration, not for the backend services.

To test it, you can use the following information in order to obtain the token with your current credentials:

• URL: {{auth_url}}/otdstenant/{{tenant_id}}/oauth2/token
• Body:
  • client_id: «your client_id»
  • client_secret: «your client_secret»
  • grant_type: password
  • username: «your user_name»
  • password: «your password»
  • client_data: subName=«your subscription_name»
  • scope: otds:roles otds:groups readwrite subscription:«your subscription_name»
• Content-Type: x-www-form-urlencoded

The auth_url will depend on which region you have created your Core Content account, if you post your URL that you are using to access the Core Content subscription, I can guide you further.

Now, what you want actually, is to have access to the backend API. For that, you will need to start a Developer Cloud trial by going here https://developer.opentext.com/plans and creating a new Information Management Services Trial. Warning: you will be asked in which Region you want it created, the Region should be the same as your Core Content trial. The email address should be the same as the Core Content admin email address.

After successfully creating the Developer Trial, the Admin center for it will look a bit different as you will now see a top level of an Organization. Which is above the "Tenant" level. You need to delete the default tenant that was created automatically and add a new tenant by clicking the "Add tenant" and then "Attach an Existing Tenant" button. Enter your Core Content tenant ID and then you will be guided through the process.

Once you finish, click on the left menu on the App management > Apps and click the Add button to add a new application. Click on "Extend Existing App" and select your tenant from the list and the Core Content application from the dropdown. At the end of this process, you will have on the screen the generated Public Client ID and Confidential Client ID and Secret. Keep them in a safe place!

At this point, you can use all the APIs described in the https://developer.opentext.com/services/apis API section and you should now be able to login using your client ID and client secret.

I hope this is clear, if not, post here where you get stuck.

Hi @KamelMsalmi

The Core Content trials are currently in the older na-1-dev region and by default do not provide API access for developers.

The Developer self-service trials now support choosing a region for your trial in us, au or ca - but the us region is not in the same data centre as the na-1-dev region even though both are in the United States.

Your Core Content trial would have been provided to you via some concierge process and not through self-service. Therefore in order to have API access to your Core Content tenant and instance the trial account owner would have to request that via your OpenText account rep, that an Organization be created within the na-1-dev region in the same name/email as the Core Content tenant admin - and a Core Content Developer plan assigned to that Organization.

Then you would be able to follow the steps outlined here: https://developer.opentext.com/services/developertools/developer-admin/documentation/saas-application-extension-developer-concepts-overview/1

I hope that helps - if not, please come back to me.

I also want to correct one thing @alex said above. The correct supported tenant token url is: <region>.api.opentext.com/tenants/<tenant_id>/oauth2/token. Whilst the /otdstenant/ variant works now it is not guaranteed to work in the future.