Leaf connects to Sentera using username/password authentication rather than OAuth. Once connected, Leaf syncs field boundary data for the Leaf user. Sentera is primarily used for field boundary management.
Prerequisites
- A Sentera account with the target organization.
- The grower’s
username and password for their Sentera account.
- The
organizationName within Sentera that the grower belongs to.
Setup steps
POST the credentials to Leaf:
curl -X POST \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"username": "grower-username",
"password": "grower-password",
"organizationName": "grower-org-name"
}' \
'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/sentera-credentials'
Credentials schema
Create request body:
| Field | Type | Required | Description |
|---|
username | string | Yes | The grower’s Sentera username |
password | string | Yes | The grower’s Sentera password |
organizationName | string | Yes | The Sentera organization name |
{
"id": "uuid",
"status": "str",
"createdTime": "yyyy-MM-dd'T'HH:mm:ss.SSSSSS'Z'",
"username": "str",
"authToken": "str",
"organizationId": "str",
"organizationName": "str"
}
authToken and resolves the organizationId from the provided organizationName after successful authentication.
Confirm the credentials are attached
Check the stored credentials for the Leaf user:
curl "https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/sentera-credentials" \
-H "Authorization: Bearer YOUR_TOKEN"
organizationId.
Endpoints
Base URL: https://api.withleaf.io/services/usermanagement/api
| Action | Method | Path |
|---|
| Get credentials | GET | /users/{leafUserId}/sentera-credentials |
| Create credentials | POST | /users/{leafUserId}/sentera-credentials |
| Delete credentials | DELETE | /users/{leafUserId}/sentera-credentials |
| Get credential events | GET | /users/{leafUserId}/sentera-credentials/events |
Troubleshooting
Use the events endpoint to inspect credential health:
curl -X GET \
-H 'Authorization: Bearer YOUR_TOKEN' \
'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/sentera-credentials/events'
Event logs are retained for 30 days. Once the credential is deleted or disassociated from the Leaf user, the logs are no longer available.
- Invalid credentials: If the grower changed their Sentera password, the credentials stored in Leaf become invalid. Delete and recreate with the new password.
- Organization not found: Verify the
organizationName matches exactly what’s configured in Sentera, including case sensitivity.
What to do next
