Authentication and authorization - BlueCat Integrity - 9.5.0

Address Manager Legacy v1 API Guide

Product name
BlueCat Integrity

Address Manager uses token-based authentication and authorization. Once generated, the token must be used when invoking every subsequent v1 API method in Address Manager.

Generating a token

You must generate the authentication and authorization token by invoking the login v1 API method. You must use an API user account to access the Address Manager v1 API. If your credentials are invalid, it will fail with an error. For more information about login and logout methods, refer to GET /v1/login.

Login format:
http://<AddressManager_IP or hostname>/Services/REST/v1/login?username=<username>&password=<password>

Output / Response

The body of the JSON response for the above v1 API method will be in the "Session Token-> ${ACTUAL_TOKEN} <- for User : ${USERNAME_PASSED}" and it can be used to extract the authorization token.

The ACTUAL_TOKEN is comprised of the keyword BAMAuthToken and a dynamically generated token hash. For example, “BAMAuthToken: 4bippMTQ1ODAzNzgwNjE0MzphcGk=”.

Authorizing v1 API methods

The generated authorization token must be passed when invoking any v1 API method. The token needs to be passed as an Authorization property in the request header.

Configuring the token timeout

The generated token shares the same timeout as the Address Manager session. You can change this behavior according to your use case. Refer to Setting user session time out values in the Address Manager Administration Guide.