Securing REST endpoints is an important security aspect of any platform, especially ones that are accessible from the public Internet.
In the RapidMiner platform deployment, REST endpoints can be used for many things from managing executions and schedules to running RapidMiner processes exposed as web services. For backwards compatibility reasons we support HTTP Basic authentication (i.e. sending the username and password unencrypted when calling a REST endpoint), but the recommended authentication scheme is the HTTP Bearer authentication (using an access token).
When integrating web services into other systems, the above recommended token based authentication scheme only works well if tokens are long living. This requires special tokens to be issued and then embedded into the REST API requests. To help users get these tokens, we have created the Token Generator.
Make sure to read our guide on securing web services to understand the entire procedure and how the Token Generator fits into it.
The Token Generator is accessible by navigating to
In order for the Token Generator to function correctly, your user needs to have the
offline_access realm role. For more information on configuring roles, go to the relevant page of Manage deployments.