Skip to content

Access

The Manufacturing Portal Web UI and APIs can only be accessed by authenticated users. The following article will describe the authentication process and how to access the system in different ways.

How to get an account

Every user must use a personalized account to access the Manufacturing Portal. To request a user, send an e-Mail to your Festool contact person, he will take care of all needed steps and will provide you with the needed information.

How to get access to documentation sections

You will get an invitation link after your account setup is complete, that will activate your user to access the private documentation articles. Make sure to follow the link and the given instructions in a timely manner as it will expire after some time.

Web UI

Logging in

The Web Application will prompt you for a username and password when you visit the website. Enter the data that you received from your contact person at Festool in order to login. In case the login prompt does not appear automatically, please click on the 'Log in' button in the navigation menu.

API

The API uses indusrty standards OAuth 2.0 and Open ID Connect to grant access to our systems. You should have a basic understanding how these concepts work in order to use the API.

Tip

In case you are not familiar with using OAuth2 and / or Open ID Connect, please consider using the web application instead.

Authorization Server

In order to get an access token you have to authenticate with our authorization server.

Endpoints

The authorization server can be reached using the following endpoints.

Name URI
Token https://login.microsoftonline.com/8058b2aa-4208-4b28-8451-f97fe76033d5/oauth2/v2.0/token

Supported Grants

We currently only support the client credentials flow on our authorization server.

Requirements

In order to get an access token from the authorization server you will need the following information.

  • Client ID
  • Client Secret
  • Scopes

How to get these values

These values will be provided once we setup system access for you.

Process Overview

sequenceDiagram
    Client->>Authorization Server: Request Token using client ID / secret and scopes
    Authorization Server->>Client: Response with JWT
    Client->>API: Request with JWT Token in Header
    API->>Client: Response
    Client->>API: Another request with JWT Token in Header
    API->>Client: Response

Scopes

The scopes that you need to request will be provided to you when you get set up for access by our IT department.

Examples

cURL

This is the basic command structure, when you want to execute the command, replace the placeholders {...} with their respective values. 

curl -X POST "https://login.microsoftonline.com/8058b2aa-4208-4b28-8451-f97fe76033d5/oauth2/v2.0/token" 
  -d "grant_type=client_credentials
  -d "scope={scopes}"
  -d "client_id={clientId}"
  -d "client_secret={clientSecret}"

This example shows a full request with made up values. 

curl -X POST "https://login.microsoftonline.com/f0ad2ebb-c85b-4ad3-95da-901e5504e6af/oauth2/v2.0/token" 
  -d "grant_type=client_credentials
  -d "scope=api://79eav7fa-284a-8a6b-ak6w-8493ak7dcad5/.default"
  -d "client_id=79ecc9fa-534e-4f9c-ab9a-6640ac8dcff9"
  -d "client_secret=mySuperSecretValue123!"

The response from the authorization server includes the access token and the expiration time in seconds. 

{
    "token_type":"Bearer",
    "expires_in":3599,
    "ext_expires_in":3599,
    "access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjJaU..."
}