Access Token for gRPC Service

Configure an access token to connect to a gRPC service.

Figure: gRPC Service Access Token Configuration screen

Background and Setup

Prerequisites

AgilePoint NX OnDemand (public cloud), or AgilePoint NX PrivateCloud or AgilePoint NX OnPremises v9.0 or higher.

Good to Know

In most cases, you can use a global access token or an app level access token:
- Global access tokens are shared across all users and apps. If you want all process designers and runtime app users in your AgilePoint NX tenant to be able to connect to an external data source, use a global access token. An example is a SharePoint site on an intranet that all employees in a company can access.
- Application level access tokens are shared with all processes in a process-based app, or restricted to use within a form-based app. Use application level access tokens if only process designers or runtime app users for a particular application should access an external system — for example, a Box account that is only used to share files within a small team.
Access tokens are collections of credentials that are used to authenticate communication directly between AgilePoint NX and an external system. Because it is the AgilePoint NX system that uses these credentials, rather than an app, there is no difference between design time and runtime access tokens. Access tokens are never checked in or published, and they do not use version control. If you change an access token in App Builder or Manage Center, the access token changes immediately everywhere the access token is used. Changes to app level access tokens apply to all versions of an app, including running application instances. Changes to global access tokens apply everywhere they are used in AgilePoint NX. You can not roll back an access token to a previous version.
For more information, refer to What Data Is Deleted When I Delete an App or Application Resource?
This screen may look different in different places. The UI varies for this screen depending upon how you open it. However, the fields for this screen are the same in all places.
Some information about third-party integrations is outside the scope of the AgilePoint NX Product Documentation. It is the responsibility of the vendors who create and maintain these technologies to provide this information. This includes specific business use cases and examples; explanations for third-party concepts; details about the data models and input and output data formats for third-party technologies; and various types of IDs, URL patterns, connection string formats, or other technical information that is specific to the third-party technologies. For more information, refer to Where Can I Find Information and Examples for Third-Party Integrations?

How to Start

There are several ways to create an access token for a gRPC service.How to create the access token depends on where you want to use it.

Global (Manage Center)

You can use a global access token in any app in your AgilePoint NX tenant. Use a global access token if you want any user in your environment to be able to connect to the same external system.

Click Manage.
In Manage Center, click App Builder > Global Access Tokens.
On the Global Access Tokens screen, click Add Token.
On the Add Global Access Tokens screen, select gRPC Service.
Click Next.

App Level (Modern Add an App Experience)

Create an access token to use in any process activity or form control in an app you create in the Modern Add an App Experience.

In App Builder, in the Modern Add an App Experience, create an app.
For more information, refer to:
- Modern Add An App Experience (Process-Based App)
- Modern Add An App Experience (Form-Based App)
On the Anything else right now? screen, in the Access Tokens field, click Create.
On the What service do you want your app to access? screen, select gRPC Service.
Click Next.

App Level (App Builder)

Create an access token to use in any process activity or form control in a specified app.

Click App Builder.
On the App Builder Home screen, click All Apps.
On the All Apps screen, on an app, click Edit .
On the App Details screen, click Add New > Access Token.
On the What service do you want your app to access? screen, select gRPC Service.
Click Next.

Process Activities and Form Controls

Different access token types can be created in context and used in different process activities, form controls, or apps. The App Builder shows shortcut buttons in any place you can create an access token.

You can create an app level access token for gRPC Service here:

This activity on the Web Services tab:
- gRPC Service activity

Fields

Field Name	Definition
Token Name	Description: Specifies the unique name for your connection to gRPC service. Allowed Values: One line of text (a string). Accepted: Letters Numbers Spaces Default Value: None Example: This is a common configuration field that is used in many examples. Refer to: Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.
Description	Description: A description for your access token. Allowed Values: More than one line of text. Default Value: None Example: This is a common configuration field that is used in many examples. Refer to: Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.
gRPC Server URL	Description: Specifies the gRPC server URL. Allowed Values: A server URL for gRPC Service. Default Value: None Example: http://mygrpcdomain:5200
Protobuf Definition Types	Description: Specifies how to identify the sturcture of the gRPC service. Allowed Values: Use Server Reflection - Specify a server to use server reflection to identify the structure of the gRPC service. Import ProtoBuf Definition From URL - Specify a URL of the file to identify the structure of the gRPC service. Import ProtoBuf Definition From Local File - Specify a file to identify the structure of the gRPC service. Enter ProtoBuf Definition - Specify protoBuf code to identify the structure of the gRPC service. Default Value: Enter ProtoBuf Definition
Import Protobuf Definition From URL	Description: Specifies the protocol buffer URL for the gRPC service. To Open this Field: On the gRPC Service Access Token screen, in the Protobuf Definition Type field, select Import Protobuf Definition From URL. Allowed Values: One line of text (a string) in URL format. Default Value: None
Import Protobuf Definition From Local File	Function: Specifies the file to identify the structure for the gRPC service from your local machine. To Open this Field: On the gRPC Service Access Token screen, in the Protobuf Definition Type field, select Import Protobuf Definition From Local File. Allowed Values: A file in .proto format. Click the Upload File button to select a file from your machine..
Enter Protobuf Definition	Description: Specifies the protobuf code to identify the structure of the gRPC service. To Open this Field: On the gRPC Service Access Token screen, in the Protobuf Definition Type field, select Enter Protobuf Definition. Allowed Values: A protobuf code snippet. Default Value: None
Enable TLS	Description: Specifies the authentication mode to connect to the gRPC service. Allowed Values: Selected - Uses TLS authentication to connect to the gRPC server. Deselected - Does not use TLS authentication to connect to the gRPC server. Default Value: Deselected
Configure	Opens this Screen: Access Token for gRPC Service > Authentication screen > Basic Authentication tab - Creates gRPC service authentication credentials to connect to a gRPC service URL with basic authentication. Access Token for gRPC Service > Authentication screen > OAuth 2.0 tab - Creates gRPC service authentication credentials to connect to a gRPC service URL with the OAuth 2.0 protocol. To Open this Field: Click the Authentication tab.
Metadata	Description: Specifies the metadata necessary for the gRPC service. Metadata contain application-specific information in the SOAP header. Metadata are usually used to give security information, such as authentication credentials. Allowed Values: Name Value Use the Add Metadata button to add metadata for the gRPC service. Default Value: None
Add Metadata	Function: Adds a row for the Name and Value fields. To Open this Field: Click the Metadata tab.
Delete	Function: Deletes the row with Name and Value fields. To Open this Field: Click the Metadata tab.
Bypass Test	Function: Specifies whether to verify the gRPC service configuration. Allowed Values: Selected - gRPC Service verification is bypassed, and the configuration is assumed to be valid. Deselected - gRPC Service verification is required. Default Value: Deselected
Test Connection	Function: Makes sure the specified gRPC service credentials are correct.

gRPC Service Access Token Configuration > Basic Authentication tab

Creates gRPC service authentication credentials to connect to a gRPC service URL with basic authentication.

Fields

Field Name	Definition
User Name	Description: Specifies the user name for gRPC service authentication. Allowed Values: The user name for your gRPC environment. Default Value: None
Password	Description: The password for the authentication account. Allowed Values: An alphanumeric string that represents a password. Default Value: None
Authorization	Description: Specifies an authorization value to connect to the gRPC service. Allowed Values: A valid authorization value. When you click Generate button, this field completes. Default Value: None
Generate	Function: Gives the authorization value to connect to the gRPC service.
Insert	Function: Adds the authorization information in the Name and Value fields.
Reset	Description: Deletes the gRPC service authentication credentials.

gRPC Service Access Token Configuration > OAuth 2.0 tab

Creates gRPC service authentication credentials to connect to a gRPC service URL with the OAuth 2.0 protocol.

Fields

Field Name	Definition
Token Type	Description: Specifies the name of an external system, such as SharePoint, Google Drive, or Box from the list. Allowed Values: The name of an external system. Default Value: None
Token	Description: Specifies the access token for the specified external system. Allowed Values: An access token from the list. Default Value: None. When you select an external system from the Token Type field, the name of the access token for the specified system shows in this field.