Welcome
Dynamic Workload Console User's Guide
Managing Workload Security
Managing security settings in your environment by using Dynamic Workload Console.
Authenticating the command line client using API Keys
You can use API Keys to authenticate the command line client

Product requirements
This section contains links to the HCL Workload Automation Product Requirements.
Overview
Mobile Applications Userʼs Guide
Dynamic Workload Console User's Guide
- Getting Started
  Information about the Dynamic Workload Console installation and configuration.
- Running HCL Workload Automation from a mobile device
  Use your mobile device to easily and quickly interact with your HCL Workload Automation environment.
- Managing users and repositories
  How to configure, change, and share your settings repository and change the DB2 user. How to manage the user settings.
- Configuring High Availability
  How to configure, change, and share your settings repository.
- Customizing your console
  You can customize your console to have just the tasks that you want to access.
- HCL Workload Automation Concepts
  Conceptual information about HCL Workload Automation
- Creating and editing items
- Managing Workload Security
  Managing security settings in your environment by using Dynamic Workload Console.
  - Managing access control list
  - Managing security domains
  - Managing security roles
  - Authenticating the command line client using API Keys
    You can use API Keys to authenticate the command line client
  - Service API Key with no group associated
    This scenario covers the specific case where a Service API Key is created without assigning a group to it.
  - Managing folders
  - Actions on security objects
  - Attributes for object types
  - Specifying object attribute values
- Changing user password in the plan
  How you change the user password in the plan.
- Monitoring your environment
- Working with Plans
  The main tasks that involve plans.
- Submitting Workload on Request in Production
  How you can insert jobs or job streams into your workflow at any time.
- Keeping track of changes
  How to keep track of changes in your environment
- Reporting
- Scenarios
  Scenarios demonstrating practical application of HCL Workload Automation in a business environment.
- Reference
  Reference information to perform the main tasks and activities from the Dynamic Workload Console.
- Glossary
AI Data Advisor (AIDA) User's Guide
Scheduling Job Integrations with HCL Workload Automation
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.3.
HCL Workload Automation for Z
Welcome to the HCL Workload Automation for Z documentation, where you can find information about how to install, maintain, and use the product.
Messages and Codes
Glossary
Notices

Authenticating the command line client using API Keys

You can use API Keys to authenticate the command line client

About this task

The purpose of the following scenario is to show how to create and use an API Key to successfully authenticate the command line client.

The scope of the scenario is to list every folder defined in an engine.

Procedure

Login into the Dynamic Workload Console and navigate to Manage API Keys.
In Manage API Keys, select an engine from the Engine name list and click Apply.
Create an API Key:
1. Click Add new.
2. Select either Personal or Service from the Type list.
3. In Name, type API_Key_Name.
4. If you set the API Key type to Service, select the relevant groups from the Group Name list.
5. Click Submit.
6. The API Key token is displayed in the dialogue box. Save it and store it in a secure place.
Note: API Keys expire by default after 365 days. You can set a custom duration for API Keys by adding the following parameters to the {INST_DIR}/usr/servers/engineServer/resources/properties/TWSConfig.properties file:
```
com.ibm.tws.dao.rdbms.apikey.expiring.timeout = n.days
com.ibm.tws.util.jwt.apikey.expiration.date = n.days
```
where com.ibm.tws.dao.rdbms.apikey.expiring.timeout = n.days determines the duration in days of any future API Key created, and com.ibm.tws.util.jwt.apikey.expiration.date = n.days determines when the status of future API Keys changes from Valid to Expiring.
You need to restart WebSphere Application Server Liberty after adding the custom parameters and before creating new API Keys.
This process must be repeated every time you want to change the duration and status change interval of new API Keys. API Keys that have been already created cannot be modified.
Authenticate the command line client with the API Key token:
1. Open the command line client configuration file:
  
  On Windows
  
  %userprofile%\.OCLI\config.yaml
  
  On Linux
  
  $HOME/.OCLI/config.yaml
2. Add or replace the JWT property, entering the API Key token you generated in Step 3 as the property value.
3. Save the file. The command line client is now authenticated.
Access the list of available folders using command line client.
1. Enter the command: composer list folder=@.

Results

You have accessed an engine from a command line client authenticated with an API Key.

To add feedback about this topic, select the following checkbox:

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners Four, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box. Note: To report a problem or question about the product software, do not use this form. Instead, go to the HCL Software Support site. Personal data should not be shared in this comment box. See our Privacy Statement to understand how personal data is used.