What's new

The following new features and enhancements were implemented to REST APIs in the domain and project level.

ALM 24.1 P1

When using comparison operators in query filters, you can use either abbreviations or symbols to represent comparison relationships.

OpenText recommends that you use abbreviations instead of symbols. For example, use GT instead of > to represent "greater than".

For details, see Filtering a Collection of Entities.

Back to top

ALM 24.1

Includes the following updates:

New APIs for customizing project lists

New REST APIs are now available for customizing project list:

  • GET /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists. Gets project lists in use

  • GET /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists/{list-id}. Gets details of a project list

  • POST /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists/{list-id}/items. Adds an item to a project list

  • PUT /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists/{list-id}/items/{item-id}.Renames an item of a project list

  • POST /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists/{list-id}/items/{item-id}. Adds a sub-item to an item of a project list

  • DELETE /qcbin/v2/rest/domains/{domain}/projects/{project}/customization/used-lists/{list-id}/items/{item-id}. Deletes an item of a project list

For details, see used-lists/{list-id}.

Use POST method for logout REST APIs

The GET method for logout REST APIs is now disabled by default. Use the POST method instead.

Impacted REST APIs include:

  • /qcbin/authentication-point/logout

  • /qcbin/authentication/sign-out

For details, see logout.

Back to top

ALM 17.0.1

New API to verify authentication

The new /qcbin/v2/rest/is-authenticated REST API was introduced, enabling you to verify if a user is authenticated. It supports both JSON and XML response formats.

We recommend you use this one instead of the old /qcbin/rest/is-authenticated API.

For details, see is-authenticated (Recommended).

Back to top

ALM 17.0

Includes the following updates:

The order-by clause supports case insensitive sorting

You can now use the order-by clause to sort returned items by fields in an case insensitive way.

For details, see order-by Clause: Sort Results.

Enhanced /qcbin/authentication-point/alm-authenticate

The /qcbin/authentication-point/alm-authenticate authentication method now supports JSON.

This is the recommended method to get authenticated.

For details, see alm-authenticate.

Potential deprecations

The following authentication methods will be deprecated in a future version. We recommend you stop using them.

  • /qcbin/authentication-point/authenticate

  • /qcbin/api/authentication/sign-in

To get authenticated, use the /qcbin/authentication-point/alm-authenticate authentication method.

Back to top

ALM 16.00

Send X-XSRF-TOKEN header with all requests

After getting authenticated, you should send the X-XSRF-TOKEN header in all your subsequent REST API calls, except for the ones that use the GET HTTP method. Otherwise, you cannot access ALM resources using ALM REST APIs.

For details, see Send X-XSRF-TOKEN header with all requests.

Back to top

ALM 15.5.1


  • Get a test execution by ID: GET /qcbin/rest/domains/{domain/projects/{project}/test-executions/{ID}

    For details, see test-executions/{ID}.

  • Create a test execution: POST /qcbin/rest/domains/{domain/projects/{project}/test-executions

    For details, see test-executions Collection.

  • Check ALM server health: GET /qcbin/healthcheck

    For details, see health check.

Back to top