# easyroam Service

Security Warning

easyroam services come with administrator permissions. Under no circumstances should you ever give away any credentials associated with an easyroam service.

# Registering a new easyroam service

Go to https://auth.easyroam.de/console/applications (make sure that you are logged-in) and click on the
Create new appplication button.
Make sure the service application type is selected and the Activate client switch is toggled on.
Enter a name for your application.

Since you are registering a service this name will only be visible to you, other administrators, and us.

Enter a client uri that resolves to the client making the API calls.

We currently do not check if the requests are really coming from that uri, however this is subject to change.

Select all scopes your API client is going to use. Since you are creating a service, which operates outside of the user context you can't select the openid and offline_access scopes.

# Client details

After clicking on the Create application button you will receive your client_id and client_secret.

Your client_id will be displayed every time you visit the application site in the authentication console and will look something like this: 123456.easyroam.auth
Your client_secret will only be displayed ONCE! Make sure you save it somewhere safe.

Security Warning

Your client_secret is effectively your applications password to our API.
Never share your client_secret with anyone under any circumstances!
DFN staff will never ask you to share your client_secret with them!

# Authenticating

Once you have your client_id and client_secret your service can authenticate itself.

Authentication is achived by submitting an HTTP form:

POST https://auth.easyroam.de/oauth/token

grant_type=client_credentials
client_id=<your_client_id>
client_secret=<your_client_secret>

This is an HTTP form. NOT a Json payload. If done correctly, it should have request Content-Type application/x-www-form-urlencoded

Upon a successful authentication you will receive a Json object containing 2 properties like so:

{
    "access_token": "...",
    "token_type": "Bearer"
}

import requests

creds = {
    "grant_type": "client_credentials",
    "client_id": "<your_client_id>",
    "client_secret": "<your_client_secret>"
}

r = requests.post(
    "https://auth.easyroam.de/oauth/token",
    data=creds
)
r_json = r.json()

access_token = r_json["access_token"]

print(access_token)

const axios = require('axios');

const creds = {
    grant_type: "client_credentials",
    client_id: '<your_client_id>',
    client_secret: '<your_client_secret>'
};

const resp = await axios({
    method: 'POST',
    url: `https://auth.easyroam.de/oauth/token`,
    data: creds
});

const { access_token } = resp.data;
console.log(access_token);

For a more complex example check out our example easyroam service.