GBG Developers

Guides   |   Pre-Generated Token

Pre-Generated Token

The Delegated Authentication methods (M2M or SSO) have the requirement that an account is needed with a trusted OAuth identity provider such as Microsoft. 

An alternate, quicker-to-deploy method is to request a special token from GBG. It can be used in a similar way to M2M, but with the advantage that no account with a separate OAuth identity provider is needed.

The special token is known as a Pre-Generated Token. It can be exchanged for an IDP Access Token by sending a HTTP request to the GBG servers.

To obtain a Pre-generated token, contact GBG. The token needs to be kept in a permanent secure place, for example in a secure server at a data centre. When any application wishes to use the GBG service, the pre-generated token is sent (by the server or the application – it doesn’t matter) to the GBG service and the IDP Access Token is returned. Eventually the IDP Access Token will expire, and the process will need to be repeated. If the pre-generated token is ever lost, a new one can be requested by contacting GBG.