# IAM APIs Each member of the Sahamati Network will be onboarded with a designated user who holds an admin role to manage the entity’s profile and secret. * During the onboarding process, the designated user will receive an email containing a verification link. After email verification, **the user will be prompted to set a password**, completing the account activation process. * Once the password is set, **the user can generate the User Access Token** by providing their email and the new password. This token is used for authenticating the entity’s secrets. * The designated user can then use the User Access Token to **access the entity’s secret** and, if necessary, **reset the secret**. * Finally, the entity secret is used to **generate the Entity Access Token**, which is needed for interactions with the ReBIT APIs within the AA network. ### Entity Token Generation use case The Regulated Entities (REs) should generate the Access Token using the Token API from Sahamati for accessing and authentication of any APIs in the AA ecosystem including Sahamati APIs. Here is the sequence diagram for the Token Generation Process.

Token Generation use case diagram

Below are the Base URL of each environment to use IAM APIs.
EnvironmentBase URL
Productionhttps://api.sahamati.org.in/iam
UAThttps://api.uat.sahamati.org.in/iam
Sandbox (Used for PoC)https://api.sandbox.sahamati.org.in/iam
Please note that the following documentation displays the Base URLs from the Sandbox environment. Ensure you use the appropriate Base URLs depending on the environment you are working in. {% openapi src="" path="/user/token/generate" method="post" %} [IAM-Service-Sprint-9.yaml](https://content.gitbook.com/content/CKUjTKikPLYOjZEtClEd/blobs/zYPSph83Hfc1EyFzkrQt/IAM-Service-Sprint-9.yaml) {% endopenapi %} {% openapi src="" path="/entity/secret/read" method="post" %} [IAM-Service-Sprint-9.yaml](https://content.gitbook.com/content/CKUjTKikPLYOjZEtClEd/blobs/zYPSph83Hfc1EyFzkrQt/IAM-Service-Sprint-9.yaml) {% endopenapi %} {% openapi src="" path="/entity/secret/reset" method="post" %} [IAM-Service-Sprint-9.yaml](https://content.gitbook.com/content/CKUjTKikPLYOjZEtClEd/blobs/zYPSph83Hfc1EyFzkrQt/IAM-Service-Sprint-9.yaml) {% endopenapi %} {% openapi src="" path="/entity/token/generate" method="post" %} [IAM-Service-Sprint-9.yaml](https://content.gitbook.com/content/CKUjTKikPLYOjZEtClEd/blobs/zYPSph83Hfc1EyFzkrQt/IAM-Service-Sprint-9.yaml) {% endopenapi %} ## Token Generation APIs: #### API Postman Collection: {% hint style="info" %} We recommend you to use below postman collection to try out our Token-Service\[IAM] APIs {% endhint %} {% file src="" %} Below is the Sandbox Environment file for SahamatiNet Services {% file src="" %} ## Member Secret Management APIs #### API Collection: {% file src="" %} Token-Service\[IAM] - API Collection {% endfile %}