Token-Based Authentication

The NPB application supports token-based authentication, where a user provides credentials in the form of a username and password and receives a generated token that facilitates authentication for future access.

The NPB application supports JSON Web token (JWT) token authentication for gRPC requests. The client accesses the RSA key-pair-signed token by presenting the credentials to an authentication API. When the token is stored on the client, it can send additional gRPC/HTTPS requests, with Authorization: <type> <credentials>, where the authorization type is Bearer followed by your JWT access token credentials, similar to the following example. 
headers: {
    Authorization: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzd......G8p-_cD0"
  }

The authenticate request/response includes a long-lived refresh token, which can be used to get a new access-token when the previous access-token expires, as shown in the following code snippet. 

service Auth {  
  rpc Authenticate (AuthenticateRequest) returns (AuthenticateResponse); 
 rpc GetAccessToken (RefreshToken) returns (AccessToken); 
 } 

For more information about implementing JWT token-based authentication, see the Extreme 9920 Software YANG Reference, 21.2.1.0 .

9038134-00 Rev AA