This article explains the API key pair and how to generate an authentication token. This feature is available only to admin users of enterprise accounts. The content in this article is intended for developers.
This article contains the following sections:
- Authentication in the QA API
- How to Generate an API Key Pair
- How to Generate an Authentication Token for Testing
Authentication in the QA API
Like most APIs, the QA API requires you to use an API key pair (a client ID value and a client secret value) to generate an authentication token. Using the token, you can retrieve the data from the correct account and authenticate that your user is allowed to access the information.
An admin user of your enterprise account can generate the API key pair from the management dashboard. We recommend creating a special admin user in your account to be your API user. Then, the developer writes code that uses the key pair to generate a token.
Each admin user has a distinct API key pair and can generate a new key pair at any time. Generating a new key pair revokes access to the old key pair, so it is a good way to remove access to the account information.
Important: If an admin generates a new API key pair while the old key pair is still being used by existing integration code, your integration will stop working until you update the key pair values in the code.
How to Generate an API Key Pair
Use the following steps to generate an API key pair:
- From the dashboard, click the building icon on the top left. Then click Settings from the left navigation.
The Settings & Integrations screen appears. - Click the API tab.
Tip: Alternately, you can click this link to the API tab to go to there directly.
- Click Generate new keys. The system generates a Client ID and Client Secret and shows them on the screen.
In the next procedure, you use the client ID and client secret in your code to generate an authentication token.
How to Generate an Authentication Token for Testing
The following example shows how you can generate and receive an authentication token. The token you generate lasts only 10 hours. Your full automation must periodically generate new tokens on its own.
For QA accounts, the following code sample generates an authentication token using the CURL command-line utility:
curl --data "grant_type=client_credentials&client_id={client_id}&client_secret={client_secret}" https://cloudacademy.com/oauth2/token/
For QA accounts, use the following code sample instead:
curl --data "grant_type=client_credentials&client_id={client_id}&client_secret={client_secret}" https://app.qa.com/oauth2/token/
When you enter this code at the command line, you must replace {client_id} and {client_secret} with the values you retrieved in the last procedure.
The response should look similar to the following:
{"access_token": "bXmeFlEGYpUQDGDYXTEHyOuiR8iFbi", "token_type": "Bearer", "expires_in": 36000, "scope": "all"}
Now you can use the response values, in this example, Bearer bXmeFlEGYpUQDGDYXTEHyOuiR8iFbi, in your subsequent API requests.
Comments
0 comments
Please sign in to leave a comment.