A third party application can only access data of an installation after the farmer has given its permission. If the farmer gives permission you will receive a token that will allow you to authenticate to the Nedap Livestock Connect API. Each time you make an API call you need to present this token as a proof of permission.
For this authorization and authentication process, we make use of the standard OAuth2 authorization protocol. More information about the OAuth2 authorization protocol can be found here.
To set up a scalable infrastructure which can handle the authorization process you need to implement the OAuth2 protocol in your application. This requires your application to have an interface for the farmer and a dedicated server to accept requests and store tokens.
To use the OAuth2 authorization protocol to get authorization from farmers, the first step is to write some code in your application that can redirect the farmer to a Nedap page where he can authorize your application to access data of his installation. This requires some work to implement, but once built it is a safe scalable solution which makes it easy for new farmers to connect your application to his Nedap Livestock installation.
Initialize the authorization process by redirecting the farmer from your own application to the Business Insight dialog. You should include your own client id (which you have received from Nedap), and a callback URL.
[hier komen 2 screenshots van BI-gebruiker die toegang geeft]
The Farmer is redirected to your callback URL provided in the request. If the user authorized your application the redirection URL contains an additional parameter, the authentication token. For the code example above, a successful authorization process will result in calling the following URL: https://my_application.com/authorization_code?code=aecd3e40cd
With the received authorization token, you can request an access token from the authorization server. In the request you have to include your private client id and client secret (which you have received from Nedap), a callback URL and the received authorization token.
If everything went ok, the authorization server returns an access token and a refresh token. For example:
With this access token you can access the data of the corresponding installation by adding the following header to the API calls:
[hier komt nog ‘List of OAuth methods’. Evt. als te downloaden document weergeven]