API key authentication provides a secure authentication mechanism for external applications accessing ALM's API.
The ALM site administrator generates and manages the list of API keys for ALM. For details, see How to Manage API Keys.
- Each API key includes a Client ID and an API Key for applications to use when authenticating.
- Each API key is associated with an ALM user. Therefore, when an application uses an API key to access ALM, the application is limited by its user's permissions.
- You can use an API key to access ALM only if it is currently listed as active in the list of API keys.
When writing ALM extensions or API scripts, obtain a Client ID and API Key from the administrator, and use them for authentication. For details on API key authentication when using REST and OTA, see the API References.