...
The WIWB API has the default option that aggregation to larger timesteps is valid when at least one timestep is available. For example: a 5 minute timestep is aggregated to hourlies when at least one 5 minute timestep is available. For Delft-FEWS applications this is usually not the best solution. Therefore a so-called "minimumAggregationAvailability" option has been added. This value (of type double) has a valid range from 0 to 1 and indicates to the WIWB API the fraction of how much original timesteps should be available in the new timestep. Usually the value will be set to 1, as also can be seen from the below config example "aggregated radar products".
Authentication with OpenID Connect
By default the HydroNet WIWB api API is protected by a user name and password, that can be specified in the import configuration.
Since 2019.02 it is possible to specify a Bearer token. This is typically used when using OpenID Connect as authentication method. To enable a bearer token as authentication mechanism, the following property properties should be set:
- authentication, which is to be defined as "BearerToken"
- tokenUrl, which should direct to the URL that is used to get the BearerToken. This URL is to be set to https://login.hydronet.com/auth/realms/hydronet/protocol/openid-connect/token
| Code Block |
|---|
<string key="authentication" value="BearerToken" />/> <string key="tokenUrl" value="https://login.hydronet.com/auth/realms/hydronet/protocol/openid-connect/token"/> |
Note that the username and password still has to be set to be able to login.
The actual bearer token The actual bearer token should be set in the password field of the import configuration. The username is not used when using a bearer token for authentication.
Proxy Servers
When the hydronet (HydroNet WIWB ) API connection is required to connect to the Hydronet API through a proxy like MuleSoft, additional authentication information might be required in the header. It is possible to add two additional parameters clientId and clientSecret. The default headers are X-IBM-Client-Id and X-IBM-Client-Secret, but these can be changed by configuring the respective headers.the respective headers.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<properties>
<string key="dataSource" value="BHP.Composite.Adjusted"/>
<string key="clientId" value="[to be provided by proxy admin]"/>
<string key="clientIdHeader" value="[to be provided by proxy admin]"/>
<string key="clientSecret" value="[to be provided by proxy admin]"/>
<string key="clientSecretHeader" value="[to be provided by proxy admin]"/>
<bool key="logClientIdHeader" value="true"/>
</properties> |
Starting with May 1 2022, Hydronet API uses a different endpoint to provide the users with an access token (BearerToken, see above). To retrieve the token a client id, client secret and a token url URL are necessary. The client ID and secret can be configured as username and password respectively. The token url URL should be configured as a property. If configured, FEWS will retrieve the token for the import. If it isn’t added to the config, FEWS will assume that the old authentication process is still in use.
To set these headers use the properties below:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<properties> <string key="dataSource" value="BHP.Composite.Adjusted"/> <string key="authentication" value="BearerToken"/> <string key="keepDownloadDataInTempFolder" value="true" "/> <string key="clientId" value="[to be provided by WIWB / Hydronet]proxy admin"/> <string key="clientIdHeader" value="[to be provided by WIWB / Hydronet]proxy admin"/> <string key="clientSecret" value="[to be provided by WIWB / Hydronet]proxy admin"/> <string key="clientSecretHeader" value="[to be provided by WIWB / Hydronet]proxy admin"/> <bool key="logClientIdHeader" value="true"/> <string key="tokenUrl" value="https://login.hydronet.com/auth/realms/hydronet/protocol/openid-connect/token"/> </properties> |
...