Authenticate
Description
Logs the user on to the server and returns the LW-SSO, Light Weight Single Sign On cookie (and QCSession cookie in versions earlier than 2020) for use with all subsequent requests.
For external applications, it logs the user on to the server using the ClientIdKey or ClientSecretKey pair and returns the LW-SSO, Light Weight Single Sign On cookie for use with all subsequent requests.
URL
Authenticate (GET)
When logging on to LoadRunner Enterprise Administration using basic authentication, the URL should be in the format:
/Admin/rest/authentication-point/authenticate
If you are using a multi-tenancy system (versions 2020 SP2 and later), the tenant Unique ID should be added to the URL in the format:
/Admin/rest/authentication-point/authenticate?tenant=tenant_UID
Example:
GET /Admin/rest/authentication-point/authenticate?tenant=fa128c06-5436-413d-9cfa-9f04bb738df3
AuthenticateClient (POST)
Available in versions: LoadRunner Enterprise 2021 R1 and later
When logging on to LoadRunner Enterprise Administration from an external application, the URL should be in the format:
/Admin/rest/authentication-point/AuthenticateClient
If you are using a multi-tenancy system, the tenant Unique ID should be added to the URL in the format:
/Admin/rest/authentication-point/AuthenticateClient?tenant=tenant_UID
Example:
POST /Admin/rest/authentication-point/AuthenticateClient?tenant=fa128c06-5436-413d-9cfa-9f04bb738df3
Remarks
Authenticate (GET)
This is used for LoadRunner Enterprise's internal (Application) authentication.
To create the request header, encode the string "<user name>:<password>" using Base64. The request header text is "Authorization: Basic <encoded user:password>".
In the header of each request after authentication, your application passes the cookies returned by the authenticate resource.
When your application has completed its work, call logout to release the log-on and session.
For versions earlier than 2020: The tokens time out according to the System Administration settings from Application Lifecycle Management, by default after one hour of inactivity. The LW-SSO token is self-contained.
AuthenticateClient (POST)
This request extends the LoadRunner Enterprise REST API by providing a secure authentication mechanism to run automation tests for users with LDAP and SSO authentication types, and for external applications to access LoadRunner Enterprise's API.
The LoadRunner Enterprise site administrator configures a unique pair of ClientIdKey and ClientSecretKey keys for a specific user, which enables that user to login using a REST API. For details, see Set up API access in the LoadRunner Enterprise Help Center.
In the header of each request after authentication, your application passes the cookies returned by the AuthenticateClient resource.
HTTP Method
GET: Returns the LW-SSO cookie (and QCSession cookie in versions earlier than 2020) when logging on using LoadRunner Enterprise's internal (Application) authentication.
POST: Returns the LW-SSO cookie when logging on from an external application (available in versions 2021 R1 and later).
Request
Headers:
GET: Authorization: Basic <encoded user:password>
POST: For external applications, one of:
Content-Type: application/xml
Content-Type: application/json
Cookies:
None
Request Body:
GET: None
POST: An XML describing the API access key pair (ClientIdKey, ClientSecretKey) generated by the LoadRunner Enterprise site administrator.
The fields in the request are:
Element | Description |
---|---|
ClientIdKey | The client ID string for communicating with LoadRunner Enterprise. |
ClientSecretKey | The secret key for communicating with LoadRunner Enterprise. |
GET /Admin/rest/authentication-point/authenticate
Authorization: Basic c2E6
XML example:
POST http://my-server:8080/Admin/rest/authentication-point/AuthenticateClient?tenant=fa128c06-5436-413d-9cfa-9f04bb738df3
Content-Type: application/xml
<AuthenticationClient>
<ClientIdKey>
I_KEY_da6cf229-cd61-46b8-9937-78bcac567155
</ClientIdKey>
<ClientSecretKey>
S_KEY_e6b64fd9-29d0-4641-8ceb-36c154e5cd19
</ClientSecretKey>
</AuthenticationClient>
POST http://my-server:8080/Admin/rest/authentication-point/AuthenticateClient?tenant=fa128c06-5436-413d-9cfa-9f04bb738df3Content-Type: application/json
{ "ClientIdKey": " I_KEY_da6cf229-cd61-46b8-9937-78bcac567155", "ClientSecretKey": " S_KEY_e6b64fd9-29d0-4641-8ceb-36c154e5cd19"}
Response
Headers:
None
Cookies:
Versions 2023 and later | ADM_LWSSO={ADM_LWSSO_COOKIE_VALUE}; |
Versions 2022 - 2022 R2 | ADM_LWSSO={ADM_LWSSO_COOKIE_VALUE}; ASP.NET_SessionId_Adm={ASP.NET_SessionId_Adm_COOKIE_VALUE}; LWSSO_COOKIE_KEY={LWSSO_COOKIE_KEY_COOKIE_VALUE}; |
Versions 2021 - 2021 R2 | ADM_LWSSO={ADM_LWSSO_COOKIE_VALUE}; ASP.NET_SessionId_Adm={ASP.NET_SessionId_Adm_COOKIE_VALUE}; |
Versions 2020 - 2020 SP3 | ADM_LWSSO={ADM_LWSSO_COOKIE_VALUE}; |
Versions earlier than 2020 | LWSSO_COOKIE_KEY={LWSSO_COOKIE_KEY_COOKIE_VALUE}; QCSession={QC_SESSION_COOKIE_VALUE}; |
HTML Return Code:
One of the HTTP Return Codes
Upon successful authentication, returns HTTP status 200 (OK).
HTML Body:
None
See Also