What's new

The following new features and enhancements were implemented to REST APIs in the domain and project level.

ALM 24.1

Use POST method for logout REST APIs

The GET method for logout REST APIs is now disabled by default. Use the POST method instead.

Impacted REST APIs include:

/qcbin/authentication-point/logout

/qcbin/authentication/sign-out

For details, see logout.

ALM 17.0.1

New API to verify authentication

The new /qcbin/v2/rest/is-authenticated REST API was introduced, enabling you to verify if a user is authenticated. It supports both JSON and XML response formats.

We recommend you use this one instead of the old /qcbin/rest/is-authenticated API.

For details, see is-authenticated (Recommended).

ALM 17.0

Includes the following updates:

The order-by clause supports case insensitive sorting

You can now use the order-by clause to sort returned items by fields in an case insensitive way.

For details, see order-by Clause: Sort Results.

Enhanced /qcbin/authentication-point/alm-authenticate

The /qcbin/authentication-point/alm-authenticate authentication method now supports JSON.

This is the recommended method to get authenticated.

For details, see alm-authenticate.

Potential deprecations

The following authentication methods will be deprecated in a future version. We recommend you stop using them.

/qcbin/authentication-point/authenticate
/qcbin/api/authentication/sign-in

To get authenticated, use the /qcbin/authentication-point/alm-authenticate authentication method.

ALM 16.00

Send X-XSRF-TOKEN header with all requests

After getting authenticated, you should send the X-XSRF-TOKEN header in all your subsequent REST API calls, except for the ones that use the GET HTTP method. Otherwise, you cannot access ALM resources using ALM REST APIs.

For details, see Send X-XSRF-TOKEN header with all requests.

ALM 15.5.1

New REST APIs: