See below for an example to get Launchpad token from the Token Service. These steps will walk you through how to get the token you need to ingest in the CMR UAT and Prod environments.
To get a Launchpad token, you need to create a curl command that will send the information for your PKI certificate to the Launchpad token service. In this curl command, you'll need to include the local path to where you saved your PKI certificate to your machine. You'll also need to include the password for your PKI certificate, which can be set up as an environment variable $pcode so it's not displayed when you enter your curl command. Finally, you need to specify the URL of the Launchpad token service. An example curl command will look like this:
curl -i --cert /Users/yliu10/Downloads/Modify-002888773.pfx:$pcode --cert-type P12 https://api.launchpad.nasa.gov/icam/api/sm/v1/gettoken
The gettoken request would return something like the following:
{
"authlevel" : 25,
"cookiename" : "SMSESSION",
"session_idletimeout" : 3600,
"session_maxtimeout" : 3600,
"sm_token" : "x3uItGz[redacted]",
"ssozone" : "SM",
"status" : "success",
......
}
The sm_token is the Launchpad token. You'll want to create a file on your local machine to store your token information for ease of use. To ensure your token works correctly, you can validated it against the Launchpad token service. To do so, you'll create a curl command that includes the path to your PKI certificate, the Launchpad token service URL, and the local path to the file where your token information is stored.
curl -XPOST -v --cert-type P12 --cert /Users/yliu10/Downloads/Modify-002888773.pfx:$pcode -H "Content-Type: application/json" https://api.launchpad.nasa.gov/icam/api/sm/v1/validate -d @/Users/yliu10/Downloads/token
In this example, /Users/yliu10/Downloads/token is our file holding the Launchpad token to be validated in JSON.
cat /Users/yliu10/Downloads/token:
{"token": "x3uItGz[redacted]"}
The validation request would return something like the following:
{
"authlevel" : 25,
"backupowner_auids" : [ redacted ],
"backupowner_employeenumbers" : [ redacted ],
"gatewaytime" : 1584114916,
"groups" : [ "CN=ND-GG-234514-smtokenservice,OU=Application Groups,OU=Groups,OU=Administrators,DC=ndc,DC=nasa,DC=gov", "CN=nd-gg-rea-sra-allow-issuance,OU=AGICAMGroups,OU=AGICAM,OU=AG,DC=ndc,DC=nasa,DC=gov", "CN=ND-GG-SV-GS-Services,OU=Groups,OU=Administrators,DC=ndc,DC=nasa,DC=gov, " ],
"identitytype": "service_account",
"owner_auid" : "redacted",
"owner_employeenumber" : "redacted",
"owner_groups" : [ "[redacted]", cn=GSFC-CMR_INGEST_PRODUCTION,[redacted]", "cn=GSFC-CMR_INGEST_UAT,[redacted]", "[redacted]" ],
"session_idleremaining" : 3379,
"session_idletimeout" : 3600,
"session_lasttime" : 1584114695,
"session_maxremaining" : 3366,
"session_maxtimeout" : 3600,
"session_starttime" : 1584114682,
"session_sourceip" : "[redacted]",
"ssozone" : "SM",
"status" : "success",
......
}
or
{
"auid": "redacted",
"authlevel": 40,
"gatewaytime": 1666882286,
"groups": [redacted],
"identitytype": "user",
"levelofconfidence": 40,
"session_idleremaining": 768,
"session_idletimeout": 900,
"session_lasttime": 1666882154,
"session_maxremaining": 35867,
"session_maxtimeout": 36000,
"session_starttime": 1666882153,
"session_sourceip": "redacted",
"ssozone": "SM",
"status" : "success",
......
}
Overview
Content Tools