First Steps

Your first steps with Konnektr Graph after creating your resource.

Authentication with Auth0

Since Konnektr Graph uses Auth0 instead of Azure AD, you can't use the default DefaultAzureCredential. Instead, you need to implement a custom TokenCredential that gets tokens from Auth0.

Auth0 Configuration

  • Domain: auth.konnektr.io
  • Audience: https://api.graph.konnektr.io
  • Grant Type: client_credentials (for service-to-service) or Authorization Code flow (for user authentication)

Custom TokenCredential Implementation

Python Example

import requests
from azure.core.credentials import AccessToken, TokenCredential
from datetime import datetime, timezone
import time

class KonnektrTokenCredential(TokenCredential):
    def __init__(self, domain: str, client_id: str, client_secret: str, audience: str):
        self.domain = domain
        self.client_id = client_id
        self.client_secret = client_secret
        self.audience = audience
        self._token = None
        self._expires_on = 0

    def get_token(self, *scopes, **kwargs) -> AccessToken:
        # Check if we have a valid cached token
        if self._token and time.time() < self._expires_on - 300:  # 5 min buffer
            return self._token

        # Get new token from Auth0
        url = f"https://{self.domain}/oauth/token"
        payload = {
            "client_id": self.client_id,
            "client_secret": self.client_secret,
            "audience": self.audience,
            "grant_type": "client_credentials"
        }
        
        response = requests.post(url, json=payload)
        response.raise_for_status()
        
        token_data = response.json()
        access_token = token_data["access_token"]
        expires_in = token_data["expires_in"]
        
        # Cache the token
        self._expires_on = time.time() + expires_in
        self._token = AccessToken(access_token, int(self._expires_on))
        
        return self._token

C# Example

using Azure.Core;
using System.Text.Json;

public class KonnektrTokenCredential : TokenCredential
{
    private readonly string _domain;
    private readonly string _clientId;
    private readonly string _clientSecret;
    private readonly string _audience;
    private readonly HttpClient _httpClient;
    
    private AccessToken? _cachedToken;
    private DateTimeOffset _tokenExpiry;

    public KonnektrTokenCredential(string domain, string clientId, string clientSecret, string audience)
    {
        _domain = domain;
        _clientId = clientId;
        _clientSecret = clientSecret;
        _audience = audience;
        _httpClient = new HttpClient();
    }

    public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken)
    {
        return GetTokenAsync(requestContext, cancellationToken).GetAwaiter().GetResult();
    }

    public override async ValueTask<AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
    {
        // Return cached token if still valid (with 5 min buffer)
        if (_cachedToken.HasValue && DateTimeOffset.UtcNow < _tokenExpiry.AddMinutes(-5))
        {
            return _cachedToken.Value;
        }

        var tokenUrl = $"https://{_domain}/oauth/token";
        var payload = new
        {
            client_id = _clientId,
            client_secret = _clientSecret,
            audience = _audience,
            grant_type = "client_credentials"
        };

        var content = new StringContent(JsonSerializer.Serialize(payload), System.Text.Encoding.UTF8, "application/json");
        var response = await _httpClient.PostAsync(tokenUrl, content, cancellationToken);
        response.EnsureSuccessStatusCode();

        var responseContent = await response.Content.ReadAsStringAsync(cancellationToken);
        var tokenResponse = JsonSerializer.Deserialize<TokenResponse>(responseContent);

        _tokenExpiry = DateTimeOffset.UtcNow.AddSeconds(tokenResponse.expires_in);
        _cachedToken = new AccessToken(tokenResponse.access_token, _tokenExpiry);

        return _cachedToken.Value;
    }

    private class TokenResponse
    {
        public string access_token { get; set; }
        public int expires_in { get; set; }
        public string token_type { get; set; }
    }
}

JavaScript/Node.js Example

const axios = require('axios');

class KonnektrTokenCredential {
    constructor(domain, clientId, clientSecret, audience) {
        this.domain = domain;
        this.clientId = clientId;
        this.clientSecret = clientSecret;
        this.audience = audience;
        this.cachedToken = null;
        this.tokenExpiry = 0;
    }

    async getToken() {
        // Return cached token if still valid (with 5 min buffer)
        const now = Math.floor(Date.now() / 1000);
        if (this.cachedToken && now < this.tokenExpiry - 300) {
            return { token: this.cachedToken, expiresOnTimestamp: this.tokenExpiry * 1000 };
        }

        const tokenUrl = `https://${this.domain}/oauth/token`;
        const payload = {
            client_id: this.clientId,
            client_secret: this.clientSecret,
            audience: this.audience,
            grant_type: 'client_credentials'
        };

        const response = await axios.post(tokenUrl, payload);
        const { access_token, expires_in } = response.data;

        this.cachedToken = access_token;
        this.tokenExpiry = now + expires_in;

        return { 
            token: access_token, 
            expiresOnTimestamp: this.tokenExpiry * 1000 
        };
    }
}

Using the Custom Credential

Python with Azure Digital Twins SDK

from azure.digitaltwins.core import DigitalTwinsClient

# Create credential
credential = KonnektrTokenCredential(
    domain="auth.konnektr.io",
    client_id="your-client-id",
    client_secret="your-client-secret",
    audience="https://api.graph.konnektr.io"
)

# Create client
client = DigitalTwinsClient(
    endpoint="https://your-graph-name.api.graph.konnektr.io",
    credential=credential
)

# Now you can use the client normally
models = client.list_models()
for model in models:
    print(f"Model: {model.id}")

C# with Azure Digital Twins SDK

using Azure.DigitalTwins.Core;

var credential = new KonnektrTokenCredential(
    domain: "auth.konnektr.io",
    clientId: "your-client-id", 
    clientSecret: "your-client-secret",
    audience: "https://api.graph.konnektr.io"
);

var client = new DigitalTwinsClient(
    new Uri("https://your-graph-name.api.graph.konnektr.io"), 
    credential
);

// Use the client normally
var models = client.GetModelsAsync();
await foreach (var model in models)
{
    Console.WriteLine($"Model: {model.Id}");
}

Getting Your Auth0 Credentials

  1. For Development: Contact your Konnektr administrator to get development credentials
  2. For Production: Use the machine-to-machine application credentials provided by your organization
  3. For User Authentication: Implement the Authorization Code flow instead of client credentials

Testing Your Connection

Once you have your credentials set up, test the connection:

# Test basic connectivity
try:
    models = list(client.list_models())
    print(f"✅ Connected successfully! Found {len(models)} models.")
except Exception as e:
    print(f"❌ Connection failed: {e}")

Next Steps

Now that you're connected:

  1. Upload Models: Start with DTDL model definitions
  2. Create Twins: Instantiate your digital twins
  3. Build Relationships: Connect twins together
  4. Query Data: Use the query API to explore your graph
  5. Set up Events: Configure real-time event streaming

See our How-to Guides for detailed examples of each operation.

Setup

Previous Page

Digital Twins Definition Language (DTDL)

Next Page

Cookie Notice

We use cookies to enhance your browsing experience.