Authenticating and using the CCX-deployment API

To use the CCX-deployment API, you need to initialize and connect to the Content Platform Engine environment before you export or import application assets.

About this task

You need to do the following tasks to access the CCX-deployment API:

Initializing the CCX-deployment API
Authenticating to use the CCX-deployment API

Initializing the CCX-deployment API

You need to initialize the CCX-deployment API for your Content Platform Engine environment before you export or import application assets.

Procedure

Initialize the AuditLogger object.
You need to initialize the AuditLogger object so that the object can be passed later to the export and import classes.
```
audit_logger = AuditLogger(file_path="audit.log")
```
Optional: Enable API-level logging to capture troubleshooting information.
```
logging.basicConfig()
logging.getLogger("csdeploy").setLevel(logging.WARNING)
```
if you need to capture more log details, you can change the logging level from logging.WARNING to logging.DEBUG.

Connecting the CCX-deployment API to CSGQL Services

You can configure authentication options based on how your Content Platform Engine environment is configured.

About this task

For authentication and related configuration parameters, it is convenient to capture the settings in a module named, for example, config. The sample code for calling the CCX-deployment API uses this technique. The example code that is discussed in the task assume the use of a config module.

Procedure

Initialize a GraphQLConnection object and call the initialize method of the GraphQLConnection class for your authentication type.

OAuth based authentication
For OAuth based authentication, initialize the GraphQLConnection connection object and call the conn.initialize_oauth() method.
```
conn = GraphqlConnection(url=config.GQL_URL, token_url=config.TOKEN_URL) 
conn.initialize_oauth(
    client_id=config.CLIENT_ID, 
    client_secret= config.CLIENT_SECRET, 
    username=config.OAUTH_USERNAME, 
    password=config.OAUTH_PASSWORD, 
    grant_type=config.GRANT_TYPE, 
    scope=config.SCOPE) 
conn.get_token() 
```
The conn.initialize_oauth() returns two tokens - an XSRF token, and an access token. The conn.xsrf_token member holds the XSRF token, which is used to prevent cross-site request forgery (CSRF) attacks.
The conn.token member holds the access token, which is used for authentication. When a GraphQL request is made, you must include the conn.xsrf_token and the conn.token token in the request header.
Basic authentication
For basic authentication, initialize the GraphQLConnection connection object and call the conn.initialize_basic() method.
```
conn = GraphqlConnection(url=config.GQL_URL) 
conn.initialize_basic(username=config.BASIC_USERNAME, password=config.BASIC_PASSWORD)  
```
The conn.initialize_basic() returns the conn.xsrf_token member holds the XSRF token, which is used to prevent cross-site request forgery (CSRF) attacks. The basic authentication credentials are also sent as the authentication header with each request.

Zen and IAM based authentication

For Zen and IAM based authentication, initialize the GraphQLConnection connection object and call the conn.initialize_zen_iam() method.

conn = GraphqlConnection(url=config.GQL_URL, token_url=config.TOKEN_URL) 
conn.initialize_zen_iam(zen_exchange_url=config.EXCHANGE_TOKEN_URL,  
    iam_client_id=config.CLIENT_ID, 
    iam_client_secret= config.CLIENT_SECRET, 
    iam_username=config.OAUTH_USERNAME, 
    iam_password=config.OAUTH_PASSWORD, 
    iam_grant_type=config.GRANT_TYPE, 
    iam_scope=config.SCOPE) 
conn.get_token()

The conn.initialize_zen_iam() returns the conn.xsrf_token and the conn.token members that are sent with each GraphQL request.

(V5.6 iF001 and later) Zen API key-based authentication
For Zen API key-based authentication, initialize the GraphQLConnection connection object and call the initialize_zen_api() method.
```
conn = GraphqlConnection(url=config.GQL_URL, token_url=config.TOKEN_URL)
conn.initialize_zen_api(
    username=config.ZEN_USERNAME, 
    apikey=config.ZEN_APIKEY)
conn.get_token()
```
The conn.initialize_zen_api() returns the conn.xsrf_token and conn.token members that are sent with each GraphQL request.