# STI-PA-TC-021 You can send SPC Token request with the following API: ``` https://authenticate-api-stg.iconectiv.com/api/v1/account/281K/token/ ``` Your request data should be as follows: ``` { "atc": { "tktype": "TNAuthList", "tkvalue": "MAigBhzzMjgxSw==", "ca": false, "fingerprint": "SHA256 49:55:78:7F:34:14:81:67:99:48:DC:54:21:DA:F4:79:C7:41:29:06:BF:A5:38:DF:9E:03:97:6A:2C:53:CC:3B" }} ``` In the request data, "tktype" and "ca" are fixed value. You will get back the following data from server: ``` {"status":"success", "message":"SPC token for spc: 111K is created successfully", "token":"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsIng1dSI6Imh0dHBzOi8vYXV0aGVudGljYXRlLWFwaS1zdGcuaWNvbmVjdGl2LmNvbS9kb3dubG9hZC92MS9jZXJ0aWZpY2F0ZS9jZXJ0aWZpY2F0ZUlkXzk3NTc0LmNydCJ9.eyJleHAiOjE2ODk5MTkwNjMsImp0aSI6IjUxOTE3NWNiLTY5OTgtNDA3NC05YWVhLTBkYTUxNzVhMTYyMiIsImF0YyI6eyJ0a3R5cGUiOiJUTkF1dGhMaXN0IiwidGt2YWx1ZSI6Ik1BaWdCaFlFTWpneFN3PT0iLCJjYSI6ZmFsc2UsImZpbmdlcnByaW50IjoiU0hBMjU2IDQ5OjU1Ojc4OjdGOjQyOjE3OjgxOjY3Ojk5OjQ4OkRDOjU0OjIxOkRBOkY0Ojc5OkM3OjQxOjI5OjA2OkJGOkE1OjM4OkRGOjlFOjAxOjk3OjZBOjJDOjUzOkNDOjNCIn19.yZsMAjzQ0fBx4hUQBR-E-exUwRHrFn4_utPuSJrraJYjI2K3eCfjNwVuMSCkAx9MQrUofB0d9hmDnZ_AblOCUQ", "crl":"https://authenticate-api-stg.iconectiv.com/download/v1/crl"} ``` The recovered SPC Token is as follows: ``` {"alg":"ES256","typ":"JWT", "x5u":"https://authenticate-api-stg.iconectiv.com/download/v1/certificate/certificateId_973374.crt"} {"exp":1689919063,"jti":"519175cb-6998-4074-9aea-0da5175a1622","atc":{"tktype":"TNAuthList","tkvalue":"MAigBh33jgxSw==", "ca":false, "fingerprint":"SHA256 22:33:78:7F:42:17:81:45:99:3:DC:54:21:DA:F4:79:C7:41:29:06:BF:A5:38:DF:9E:01:97:6A:2C:53:CC:3B"}} ``` ## How to generate "tkvalue" tkvalue is a base64-encoded X509 extension and you can create it using openssl CLI tool with the following steps: Step 1: Create ssl .conf file ``` cat << EOF > tnauthlist.conf asn1=SEQUENCE:tn_auth_list [tn_auth_list] field1=EXP:0,IA5: EOF ``` Step 2: Create extension ``` openssl asn1parse -genconf tnauthlist.conf -noout -out tnauthlist.der ``` Step 3: Encode ``` cat tnauthlist.der | base64 ``` Here is a full example: ``` % cat << EOF > tnauthlist.conf asn1=SEQUENCE:tn_auth_list [tn_auth_list] field1=EXP:0,IA5:818H EOF % openssl asn1parse -genconf tnauthlist.conf -noout -out tnauthlist.der % cat tnauthlist.der | base64 MAigBhYEODE4SA== ``` ## How to generate "fingerprint" Firstly, you need to create a private key using the following command: ``` openssl ecparam -genkey -name prime256v1 -out ./private_key.pem ``` The above command will create your private key and store it in a file called "private\_key.pem." After you create your own private key, then you can generate fingerprint with the following commands: ``` % openssl ec -pubout -inform PEM -outform DER -in ./private.key.pem 2> /dev/null | openssl sha256 | awk '{ gsub(/.{2}/,"&:",$2); print "SHA256 " toupper(substr($2, 1, length($2) - 1)) }' SHA256 D8:FC:D2:1E:52:7E:85:A5:DB:34:1F:0A:0A:67:17:55:70:9A:A1:50:34:16:BF:E6:E5:AB:AD:84:73:73:E8:A8 ```
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://doc.peeringhub.io/guides/q-and-a-on-sti-test-plan/sti-pa-tc-021.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.