Set up API access
For applications to access ALM Octane, you must grant them registered access keys. These applications use the access keys for authentication when communicating as clients with ALM Octane.
Shared space admin permissions are required.
Overview
Applications that need authentication include:
-
The ALM Octane CI and HPE Application Automation Tools plugins. For details, see Obtain API Access. Ask your shared space admin for an API access Client ID and Client secret. The plugin uses these for authentication when communicating with ALM Octane. .
-
The interactive API client.
-
Other 3rd party applications and APIs that need to integrate with ALM Octane, such as those that are located behind a firewall.
When granting access, two keys are generated.
-
Client ID.
-
Client secret. The secret key is like a user password, and you must record it securely.
Tip: ALM Octane generates each secret key once only, and the secret key cannot be retrieved later. If a new secret key is needed, revoke the Access key, and then regenerate access. For details, see Revoke API access and Regenerate API access.
Integration types
When providing API access to applications, integration types are automatically assigned to each application. The default integration type is 3rd-party integration. Other integration types may be assigned, based on the role you assign to the application.
When viewing the list of applications that have been granted API access in the grid, you can see each application's integration type, but you cannot modify the type.
| Integration type | Description | Role |
|---|---|---|
| CI/CD Integration |
This type enables CI/CD servers such as Jenkins and TeamCity to integrate with ALM Octane. This integration connects with ALM Octane on the shared space level. It can access any workspace on which the CI/CD Integration role is assigned. |
CI/CD Integration |
| 3rd-party Integration |
This type enables 3rd-party applications to freely integrate with ALM Octane. You can use this integration type as a default, and define roles, to get exactly the access the application needs. This integration operates on any workspace or space. |
Any role can be assigned |
| Integration Bridge |
The Integration Bridge for ALM Octane is a component installed on the customer system to mediate between ALM Octane and applications located behind firewalls, enabling two-way communication between the two. This type enables the communication between the Integration Bridge and ALM Octane. This integration operates on the space level. For details on how to install and configure the bridge, see Set up the Integration Bridge. SaaS: For details on having ALM Octane Support install and configure an Integration Bridge for you, see Synchronization overview. |
Integration Bridge |
SaaS: Internal integration types
Some applications are internal to ALM Octane and are assigned integration types accordingly.
You cannot create or edit these API keys, but you may see them in the API Access grid and you can manage them there.
The shared space admin can regenerate the keys if necessary, but cannot revoke them.
| Integration type | Description | Role |
|---|---|---|
| Bridge Service | This type operates on the space level. | Integration Bridge Service |
| Synchronizer Service | This type is assigned to all workspaces. | Synchronizer Service |
| Octane2BridgeService | This type operates on the space level. | Octane2BridgeService |
Create API access keys
-
In Settings
, select Spaces and select the space. -
In the API Access tab, click +.
-
Provide an appropriate name for the access. You can also add a description.
Caution: The name of the API access key can include only English characters.
-
Select the roles for the applications to use when accessing ALM Octane. For a description of each role, see What roles are available?.
Note: For API access keys used for CI server integration, you must assign the CI/CD Integration role. These keys are used by the plugins that support CI integration, and when using the REST API to manage pipelines.
For API access keys used by the Integration Bridge, you must assign the Integration Bridge role. This role does not require selecting a workspace.
For each role, select all of the relevant workspaces. If additional relevant workspaces are created later, you will need to manually assign them.
You can select more than one role by clicking Add role to assign.
-
Click Add.
-
A dialog displays with a Client ID and a Client secret.
Click Copy to copy these keys to the clipboard so you can use them when configuring the applications that need to access ALM Octane.
Click OK.
-
The access ID is added to the grid. Note that its status is active
.
-
Modify API access keys
-
In Settings
, click Spaces and then select the space. -
In the API Access tab, select the access that you want to modify.
-
You can modify the name or description of the access.
Caution: The name of the API access key can include only English characters.
You can also modify the list of roles and workspaces that this set of keys can access.
Revoke API access
-
In Settings
, click Spaces and then select the space. -
In the API Access tab, select the row with the access you want to revoke.
SaaS: You cannot revoke or delete access for service access keys, such as Bridge service or Synchronizer Service. You can, however, regenerate service access keys.
-
Click Revoke access. The access is revoked immediately and
is displayed in the Active column.
You can regenerate access if necessary. See Regenerate API access.
Regenerate API access
-
In Settings
, click Spaces and then select the space. -
In the API Access tab, select the row of the access that was revoked or needs to be regenerated.
-
Click Regenerate access.
-
A dialog displays with a newly-registered Client secret for the selected Client ID.
Click Copy to copy these keys to the clipboard so you can use them when configuring the applications that need to access ALM Octane.
Click OK.
-
The access ID is added to the grid. Note that its status is active
.
-
See also:
