- Products ProductsLocation Services
Solve complex location problems from geofencing to custom routing
PlatformCloud environments for location-centric solution development, data exchange and visualization
Tracking & PositioningFast and accurate tracking and positioning of people and devices, indoors or outdoors
APIs & SDKsEasy to use, scaleable and flexible tools to get going quickly
Developer EcosystemsAccess Location Services on your favorite developer platform ecosystem
- Documentation
- Pricing
- Resources ResourcesTutorials TutorialsExamples ExamplesBlog & Release Announcements Blog & Release AnnouncementsChangelog ChangelogDeveloper Newsletter Developer NewsletterKnowledge Base Knowledge BaseFeature List Feature ListSupport Plans Support PlansSystem Status System StatusLocation Services Coverage Information Location Services Coverage InformationSample Map Data for Students Sample Map Data for Students
Set up your credentials
This section helps you to:
Get your credentials
You need to obtain and properly configure your credentials so that the OLP CLI can connect to the HERE platform.
Your credentials are used for authentication. The HERE platform uses the concept of apps and access keys to control the access to resources. For more details, see the Identity & Access Management Guide.
The credentials consist of the here.access.key.id and here.access.key.secret contained in a credentials.properties file. You can download this file from the platform portal when creating an access key for an app (see the procedure below in the Credentials setup. The following snippet illustrates an example of a credentials.properties file:
here.user.id = HERE-01966c94-aaf1-4ae2-a1y6-6516b3f9b6c1
here.client.id = mzLcb1rL8nskvDQpCAAO
here.access.key.id = BELUTk45QdaYGgZ9A_IMTA
here.access.key.secret = 108lI7w9m8G_6sIw9kng-PXGoeHQQ-cv6xByNOuMcRYixZZp...
here.token.endpoint.url = https://elb.cn-northwest-1.account.hereapi.cn/oauth2/token
Credentials setup
Follow the procedure below to configure your credentials:
- In the platform portal, in the upper-right corner, click your account icon and select Apps & keys.
- Click the Register new app button and specify the requested information.
- In the Credentials tab, go to the OAuth 2.0 tab and click Create credentials.
-
In the dialog box that opens, click Download to download the
credentials.propertiesfile.Once you click Close, you can no longer access your access key ID and access key secret.
-
To create a default profile and associate your credentials with it, run the following command:
olp credentials import default credentials.properties -
To verify that your credentials have been correctly configured, execute the command below in the directory that contains the OLP CLI JAR file:
olp api token get
An output similar to the one below is generated if your credentials have been configured properly:
Token: eyJhbGciOiJSUzUxMiIsImN0eSI6IkpXVCIsImlzcyI6IkhFUkUiLCJhaWQiOiJtekxjYjFyTDhuc2t2RFFwQ0ZFRiIs
ImlhdCI6MTUyMTgwNjYyOCwiZXhwIjoxNTIxODkzMDI4LCJraWQiOiJqMSJ9.ZXlKaGJHY2lPaUprYVhJaUxDSmxibU1pT2lKQk
1qVTJRMEpETFVoVE5URXlJbjAuLmtGc0JMODJibEUxTHhCS1M3MEctcFEuZHhsb2psaklEQmdNVEdoMEFKMHAzUU9yeE9INXdhd
1hkWjVSLS1Kdkc3VFBoUkRWY3owcUFYZ0V2Y3kwOGpMdzBCR09sNjJfZ2pxeUNuLXhET3JtZV8xNUlkV0tJN2VxTUpZNTNJelRx
ZjhUSzdVVHlEUlJFVnBLRW5BN2FvR2MubFViMTNGYWdKMlVGZXVQZnZsVG44Y2JqTzdtbF9ncGpLamFUN0xmZFF0UQ.EPYB9Rdy
jCHFxrqpaEBWkPzhPmFrAPBKlkt8SQpcI0k71mH_vC6txh6Uv1NVQC4xYyWG7ueq5mb4mcQh1sCorcv15GwIH1R0v0NR_CRPh-M
DNSFtg8HNnWyC1ePsfUGpSqjucQW8RMdbsU03wDO50Pr3ctQI4BZrxiU4HW6tdQq9_TinizujACzE-LMZ6FlFAb6pPB8TDsFlY3
9OmBFXEanaPvZwE01dKjE1K_A_G1_TiJzWo4vwuNeD54HfmOf6hN1IE8-CCSKRoIFoIBiVNqqzyCybyovRlSCWzSaTNz4v9BD7N
2lDgEuBlpn3q0qTFppZzjEvzv3RicGrCC_tmB
Token Expires at: 2018-03-24T14:03:48.100Z
You can now use your credentials to connect to the HERE platform resources through the OLP CLI.
Warning:
Storing your credentials
Keep your credentials private. Don't share them between workstations or users. Don't commit them to public repositories such as GitHub.
For more information on credentials configuration options, see Get your credentials.
Scopes
The HERE platform uses OAuth2 scopes as a mechanism to control access to certain resources. Each of the OLP CLI commands that support scope resolves the scope to use in the request in the following priority order:
-
--scope <project HRN>: An optional parameter that specifies the scope to use in the request. -
here.token.scope: An optional attribute to include in the credentials used for the request. -
Application default scope: If the client making the request has a default scope configured and neither of the above two parameters are present, the client's default scope will be used in the request.
-
If a scope is not found in either of the above three locations, the request will not use any scope.
Profiles
Credentials profiles allow you to define multiple profiles to use different credentials for different projects. You can use credentials profiles to manage and organize multiple app credentials from multiple credentials.properties files.
Profiles and the related credentials are stored in the .here/olpcli.ini file in your home directory. You can manage profiles with the credentials commands. The .here/olpcli.ini file is created after you add your first profile with the olp credentials import command, as described in the Setup section below
Pass credentials to the OLP CLI
The OLP CLI allows you to pass your credentials via optional parameters of the CLI commands or by setting environment variables. The OLP CLI resolves credentials in the following order:
-
--credentials <path to credentials file>: An optional parameter that you append to the end of an applicable CLI command. This parameter specifies the path to thecredentials.propertiesfile to use with the command.For example, execute the command below:
olp catalog layer show hrn:here-cn:data::org:test-catalog test-layer --credentials credentials.propertiesThis shows the properties of the
test-layerlayer if your credentials allow you to access thehrn:here-cn:data::org:test-catalogcatalog. -
OLP_CREDENTIALS: An environment variable that defines the path to thecredentials.propertiesfile used for all CLI commands by default. -
--profile <profile name>: An optional parameter that you append to the end of an applicable CLI command. This parameter specifies the name of the profile to use with the command.For example, the following command shows a list of catalogs accessible to the
olp-userprofile, including all the public HERE platform catalogs:olp catalog list --profile olp-user -
OLP_PROFILE: An environment variable that defines the name of the profile to use for all CLI commands by default. -
defaultprofile: A profile that you create by running the command below:olp credentials import default credentials.properties -
credentials.propertiesdefault location: A path to the.herefolder in your home directory where your credentials file is stored by default.
Note
Some OLP CLI commands require that you specify a group ID. Your administrator must set up the relevant group IDs for your account and assign your application to the group. If your app is not assigned to a group, then the command produces an error. For more information on group IDs, see the Identity & Access Management Guide.
