API access

For applications to access ALM Octane, you must grant them registered access keys. These applications use the access keys for authentication when communicating as clients with ALM Octane.

Overview

Applications that need authentication include:

  • The Application Automation Tools and Application Automation Tools plugins. For details, see Install and configure the plugin on your CI server.

  • The interactive API client.

  • Other 3rd party applications and APIs that need to integrate with ALM Octane, such as those that are located behind a firewall.

When granting access, two keys are generated:

  • Client ID.

  • Client secret.

The secret key is like a user password, and you must record it securely. ALM Octane generates each secret key once only, and it cannot be retrieved at a later time. If a new secret key is needed, revoke the Access key, and regenerate a new one. For details, see Revoke API access and Regenerate API access.

You can set an expiration date for existing API keys and when creating new ones. This can be useful if you want to provide a third-party with API access for a limited time.

Note: For details on creating API access keys through the REST API, see Working with API access keys (technical preview).

Back to top

Integration types

When providing API access to applications, integration types are automatically assigned to each application. The default integration type is 3rd-party integration. Other integration types may be assigned, based on the roles you assign to the application.

When viewing the list of applications that have been granted API access in the grid, you can see each application's integration type, but you cannot modify the type. You can access the grid here: Settings > Spaces > API Access.

Note: Most roles can be customized. Roles and their permissions might be different for your organization.

Integration type Description Role
CI/CD Integration

This type enables CI/CD servers such as Jenkins and TeamCity to integrate with ALM Octane.

This integration connects with ALM Octane on the shared space level. It can access any workspace on which the CI/CD Integration role is assigned.

CI/CD Integration
3rd-party Integration

This type enables 3rd-party applications to freely integrate with ALM Octane. You can use this integration type as a default, and define roles, to get exactly the access the application needs.

This integration operates on any workspace or space.

Any role can be assigned

Back to top

Create API access keys

This section describes how to create API access keys.

  1. In Settings > Spaces, select a space.

  2. In the API Access tab, click +.

  3. Provide a name for the access key.

    Note: The name of the API access key can include only English characters.

  4. (Optional) Set an expiration date for the API key, and enter a description if needed.

  5. Select the roles for the applications to use when accessing ALM Octane. For a description of the predefined roles, see Predefined roles.

    Note: For API access keys used for CI server integration, you must assign the CI/CD Integration role. These keys are used by the plugins that support CI integration, and when using the REST API to manage pipelines.

    For each role, select all of the relevant workspaces. If additional relevant workspaces are created later, you will need to manually assign them.

    You can select more than one role by clicking Add role to assign.

    Note: Most roles can be customized. Roles and their permissions might be different for your organization.

  6. Click Add.

    • A dialog box opens with a Client ID and a Client secret.

      Click Copy to save these keys to the clipboard and make them available when configuring the applications that need to access ALM Octane.

      Tip: This is the only time that the newly generated key will be visible. You must either use it immediately, or save it somewhere for later use.

      Click OK.

    • The access ID is added to the grid with an Active status.

Back to top

Modify API access keys

This section describes how to modify API access keys.

  1. In Settings > Spaces, select a space.

  2. In the API Access tab, select the access that you want to modify.

  3. You can modify the name, expiration date, and description of the access.

    Note: The name of the API access key can include only English characters.

    You can also modify the list of roles and workspaces that a set of keys can access.

Back to top

Revoke API access

This section describes how to revoke API access keys.

  1. In Settings > Spaces, select a space.

  2. In the API Access tab, select the row with the access you want to revoke.

  3. Click Revoke access. The access is revoked immediately and a Removed icon is displayed in the Active column.

You can regenerate access if necessary. See Regenerate API access.

Back to top

Regenerate API access

This section describes how to regenerate API access keys.

  1. In Settings > Spaces, select a space.

  2. In the API Access tab, select the row of the access that was revoked or needs to be regenerated.

  3. Click Regenerate access.

    • A dialog displays with a newly-registered Client secret for the selected Client ID.

      Click Copy to copy these keys to the clipboard so you can use them when configuring the applications that need to access ALM Octane.

      Click OK.

    • The access ID is added to the grid with an Active status.

Back to top

Set an email address for API access

If an integration using an API access key will be sending out emails, you can define the email address that should be used for this purpose. Set the value of the SMTP_NOTIFICATION_SENDER_EMAIL configuration parameter to the email address. For details, see SMTP_NOTIFICATION_SENDER_EMAIL.

Back to top

See also: