Axway · sbolosan · Dec 2, 2025 · Dec 3, 2025 · Dec 3, 2025 · Dec 5, 2025
@@ -32,8 +32,8 @@ The Traceability Agent gathers API metrics only and does not support transaction
 * An Axway Amplify subscription in the Amplify platform
 * A platform service account. See [Managing service accounts](https://docs.axway.com/bundle/platform-management/page/docs/management_guide/organizations/managing_organizations/index.html#managing-service-accounts)
 * An Amplify environment. See [Create an environment](/docs/integrate_with_central/cli_central/cli_environments/)
-* Sensedia API Gateway with API Manager v5 access
-* Client ID and Client Secret credentials for Sensedia API authentication
+* Sensedia API Gateway with API Manager access
+* Sensedia authentication credentials (either Client ID and Client Secret for OAuth or static token)
 * Docker environment for running the agents
 * Network access from agent host to Sensedia API Gateway and Amplify platform
 

@@ -16,8 +16,8 @@ Each Sensedia Gateway is represented by an Amplify environment allowing you to b
 ### Minimum requirements
 
 * [Amplify Platform Service Account](/docs/integrate_with_central/cli_central/cli_install/#option-2---authenticate-and-authorize-your-service-account)
-* [Sensedia API Gateway with API Manager v5](https://docs.sensedia.com/en/api-platform-guide/4.14.x.x/index.html)
-* Client ID and Client Secret credentials for Sensedia API authentication
+* [Sensedia API Gateway with API Manager](https://docs.sensedia.com/en/api-platform-guide/4.14.x.x/index.html)
+* Sensedia authentication credentials (either Client ID Client Secret for OAuth or static token)
 * Docker environment for running the agents
 * Network connectivity from agent host to Sensedia API Gateway and Amplify platform
 
@@ -32,14 +32,20 @@ The Sensedia agents are delivered as Docker images and can be deployed in any Do
 
 ### Authentication and authorization
 
-The Sensedia agents use OAuth 2.0 client credentials flow for authentication with the Sensedia platform:
+The authentication method is automatically detected based on the configured credentials. Configure either `SENSEDIA_AUTH_CLIENTID` and `SENSEDIA_AUTH_CLIENTSECRET` for OAuth, or `SENSEDIA_AUTH_TOKEN` for Static Token Authentication.
 
-1. **Client Credentials**: The agent uses a configured Client ID and Client Secret
-2. **Token Endpoint**: Authentication requests are made to `/user-management/v1/oauth2/token`
-3. **Bearer Token**: All API calls use the obtained Bearer token
-4. **Token Refresh**: The agent automatically refreshes tokens when they expire
+The Sensedia agents support two authentication methods:
 
-The Bearer token includes tenant information, so no additional tenant configuration is required.
+* **OAuth 2.0 Client Credentials**
+    1. **Client Credentials**: The agent uses a configured Client ID and Client Secret
+    2. **Token Endpoint**: Authentication requests are made to `/user-management/v1/oauth2/token`
+    3. **Bearer Token**: All API calls use the obtained Bearer token with `Authorization: Bearer <token>` header
+    4. **Token Refresh**: The agent automatically refreshes tokens when they expire
+
+* **Static Token Authentication**
+    1. **Static Token**: The agent uses a pre-configured authentication token
+    2. **Header**: All API calls include the `Sensedia-Auth: <token>` header
+    3. **No Refresh**: Static tokens do not expire and require no refresh mechanism
 
 ## Discovery Agent features
 
@@ -125,10 +131,11 @@ The Traceability Agent collects API call metrics from Sensedia environments and
 ### Environment variables
 
 | Variable | Description | Required | Default | Example |
-|----------|-------------|----------|---------|---------|
+|----------|-------------|----------|---------|---------|  
 | `SENSEDIA_BASEURL` | Sensedia platform base URL | Yes | | `https://platform-production.sensedia.com` |
-| `SENSEDIA_AUTH_CLIENTID` | Client ID for authentication | Yes | | `id` |
-| `SENSEDIA_AUTH_CLIENTSECRET` | Client Secret for authentication | Yes | | `<secret>` |
+| `SENSEDIA_AUTH_CLIENTID` | Client ID for OAuth authentication | No | | `id` |
+| `SENSEDIA_AUTH_CLIENTSECRET` | Client Secret for OAuth authentication | No | | `<secret>` |
+| `SENSEDIA_AUTH_TOKEN` | Static authentication token | No | | `your-static-token` |
 | `SENSEDIA_DEVELOPEREMAIL` | Email for application creation (Discovery Agent only) | Yes | | `[email protected]` |
 | `SENSEDIA_ENVIRONMENTS` | Comma-separated list of environments | No | `""` (all environments) | `Production,Development` |
 | `SENSEDIA_FILTER` | API discovery filter expression | No | `""` (no filtering) | `tag.Axway_axway.Exists()` |

@@ -16,7 +16,7 @@ Once agents are correctly deployed, they can collect the data from the Sensedia
 * Docker must be installed and you will need a basic understanding of Docker commands
 * You will need information on Sensedia API Gateway:
     * The Sensedia platform URL (e.g., `https://platform-production.sensedia.com`)
-    * Client ID and Client Secret for API authentication
+    * Authentication credentials: either Client ID and Client Secret (OAuth) or static token
     * Configured environments (if filtering by environment)
 
 ## Objectives
@@ -36,8 +36,9 @@ All common agent variables can be found [here](/docs/connect_manage_environ/conn
 | Variable name                    | Description                                                                                                                                                                         |
 | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | SENSEDIA_BASEURL                 | The base URL of the Sensedia platform API Manager (e.g., `https://platform-production.sensedia.com`).                                                                            |
-| SENSEDIA_AUTH_CLIENTID           | The client ID for authenticating with Sensedia API Gateway.                                                                                                                        |
-| SENSEDIA_AUTH_CLIENTSECRET       | The client secret for authenticating with Sensedia API Gateway.                                                                                                                    |
+| SENSEDIA_AUTH_CLIENTID           | The Client ID for OAuth authentication with Sensedia. Either use this with CLIENTSECRET or use TOKEN.                                                             |
+| SENSEDIA_AUTH_CLIENTSECRET       | The Client Secret for OAuth authentication with Sensedia. Either use this with CLIENTID or use TOKEN.                                                             |
+| SENSEDIA_AUTH_TOKEN              | The static authentication token for Sensedia. Either use this or use CLIENTID with CLIENTSECRET.                                                              |
 | SENSEDIA_DEVELOPEREMAIL          | Developer email for application creation in Sensedia.                                                                                                                              |
 | SENSEDIA_FILTER                  | Filter condition expression for discovering APIs based on tags. The conditional expression must have "tag" as the prefix/selector. For example, `tag.Axway_axway.Exists()`.      |
 | SENSEDIA_DISCOVERYIDENTITYAPIS   | When set to true, the agent will discover Identity APIs. Default is false.                                                                                                         |
@@ -54,8 +55,14 @@ For example:
 ```yaml
 # Sensedia connectivity
 SENSEDIA_BASEURL=<YOUR_SENSEDIA_PLATFORM_URL>
+
+# Option 1: OAuth authentication 
 SENSEDIA_AUTH_CLIENTID=<YOUR_SENSEDIA_CLIENT_ID>
 SENSEDIA_AUTH_CLIENTSECRET=<YOUR_SENSEDIA_CLIENT_SECRET>
+
+# Option 2: Static token authentication - use instead of Option 1
+# SENSEDIA_AUTH_TOKEN=<YOUR_STATIC_TOKEN>
+
 SENSEDIA_DEVELOPEREMAIL=<YOUR_DEVELOPER_EMAIL>
 SENSEDIA_FILTER=tag.Axway_axway.Exists()
 SENSEDIA_POLLINTERVAL=30s
@@ -106,8 +113,9 @@ All common agent variables can be found [here](/docs/connect_manage_environ/conn
 | Variable name                    | Description                                                                                                                                                                         |
 | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | SENSEDIA_BASEURL                 | The base URL of the Sensedia platform API Manager (e.g., `https://platform-production.sensedia.com`).                                                                            |
-| SENSEDIA_AUTH_CLIENTID           | The client ID for authenticating with Sensedia API Gateway.                                                                                                                        |
-| SENSEDIA_AUTH_CLIENTSECRET       | The client secret for authenticating with Sensedia API Gateway.                                                                                                                    |
+| SENSEDIA_AUTH_CLIENTID           | The Client ID for OAuth authentication with Sensedia. Either use this with CLIENTSECRET or use TOKEN.                                                             |
+| SENSEDIA_AUTH_CLIENTSECRET       | The Client Secret for OAuth authentication with Sensedia. Either use this with CLIENTID or use TOKEN.                                                             |
+| SENSEDIA_AUTH_TOKEN              | The static authentication token for Sensedia. Either use this or use CLIENTID with CLIENTSECRET.                                                              |
 | SENSEDIA_ENVIRONMENTS            | Comma-separated list of Sensedia environments to monitor for traceability (e.g., `Production,Development`).                                                                       |
 | SENSEDIA_POLLINTERVAL            | The interval at which to poll Sensedia for transaction data (ns - default, us, ms, s, m, h). Default is 5m.                                                                      |
 | SENSEDIA_SENDALLTRAFFIC          | When set to true, the agent will send all API traffic to be reported. When set to false, only discovered APIs will be reported. Default is false.                               |
@@ -123,8 +131,14 @@ For example:
 ```yaml
 # Sensedia connectivity
 SENSEDIA_BASEURL=<YOUR_SENSEDIA_PLATFORM_URL>
+
+# Option 1: OAuth authentication
 SENSEDIA_AUTH_CLIENTID=<YOUR_SENSEDIA_CLIENT_ID>
 SENSEDIA_AUTH_CLIENTSECRET=<YOUR_SENSEDIA_CLIENT_SECRET>
+
+# Option 2: Static token authentication - use instead of Option 1
+# SENSEDIA_AUTH_TOKEN=<YOUR_STATIC_TOKEN>
+
 SENSEDIA_ENVIRONMENTS=Production,Development
 SENSEDIA_POLLINTERVAL=5m
 SENSEDIA_TRACEABILITYBATCHSIZE=500
@@ -274,8 +288,10 @@ The installation procedure will prompt for the following:
    * **Service account**: can be an existing service account created in the Amplify platform. The installation procedure creates a service account that can be used only with Amplify Engage. If you choose an existing service account, be sure you have the appropriate public and private keys, as they will be required for the agent to connect to the Amplify platform. If you choose to create one, the generated private and public keys will be provided.
 3. Sensedia Configuration Setup options:
    * **Platform URL**: Sensedia platform base URL (e.g., `https://platform-production.sensedia.com`)
-   * **Client ID**: Client ID for Sensedia API authentication
-   * **Client Secret**: Client Secret for Sensedia API authentication
+   * **Authentication Method**: Choose between OAuth (Client ID and Client Secret) or Static Token
+      * **Client ID**: Client ID for OAuth authentication if OAuth selected
+      * **Client Secret**: Client Secret for OAuth authentication if OAuth selected
+      * **Static Token**: Authentication token if Static Token selected
    * **Environments**: Comma-separated list of environment names (e.g., `Producao,Development`)
    * **Discovery Identity APIs**: Whether to discover identity APIs (true/false)
    * **Discovery Private APIs**: Whether to discover private APIs (true/false)