API keys. When SSO is enabled, to receive services from the ALM Platform, the application must provide an authentication token as a cookie in the request header. To obtain this token, you need to be authenticated by a mechanism outside of ALM.

You can use API keys to authenticate. Call the InitConnectionWithApiKey Method or InitConnectionWithApiKeyEx Method to initiate the connection and authenticate with an API key that you obtain from ALM administration. For details, see How to Manage API Keys.

Restricting API access (technical preview). You can restrict API access to an allow list of client types, using the OTA_ACCESS_APIKEY_ONLY site parameter. For details, see Login Method.