Client-Product Authorisation

Client-Product Authorisation#

When an API token is provided to the MRV API, the Client that created this API Token will be retrieved from the Data Platform API. In addition to validating the API token, additional client permissions are retrieved when a token is provided. The data returned describes the Products that a Client has access to, where that Client-Product assignment has not expired.

Note

Products in the Data Platform API correspond to Capabilities provided to the MRV API.

Any request to perform Field Boundary Detection through the /fields/detection endpoints will validate that the client has been assigned to the boundary-detection product.

For all other requests using the /requests API, the capabilities listed in the request body will be compared with the client product assignments.

For example, a request containing "capabilities": ["tillage"] requires that the Client has been assigned to the tillage product in the Data Platform API.

Checking Client-Product Assignments#

Client-Product assignments can be found in the Data Platform API. These are time-bounded relationships with a start and end date. As such, there may be more than one relationship between a Client and a Product.

To find the Client-Product assignments, use the following API Request. The Client ID must be known to perform this request, and it can only be performed by Superusers or Staff.

curl -X GET "https://gateway.prod.hummingbirdtech.com/api/v1/clients/{client_id}/products" \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer <idToken>"

This will return a list of relationships for that client. A query parameter only_valid=true can be supplied to omit expired relationships.

Assigning Clients to Products#

New Client-Product assignments can be created through the same Data Platform API endpoint with a POST request.

Firstly, the Product UUID must be retrieved through the /products API:

curl -X GET "https://gateway.prod.hummingbirdtech.com/api/v1/products" \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer <idToken>"

This will return a response in the following form:

[
    {
        "name": "tillage",
        "uid": "a8c654c9-4f5a-4049-ad06-d0ccc5331c81"
    }
]

Now, a request can be made to create the new relationship:

curl -X GET "https://gateway.prod.hummingbirdtech.com/api/v1/clients/{client_id}/products" \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer <idToken>" \
     -d '{"product_uid": "<product_uid>", \
          "start_date": "yyyy-mm-dd", \
          "end_date": "yyyy-mm-dd"}'

Now, from the period covered by the start_date and end_date, the Client will be able to make MRV requests for the Capabilities that match their Products.

Contents