This documentation supports the 19.08 version of BMC CMDB.

To view an earlier version, select the version from the Product version menu.

Access and authentication for the REST API

BMC CMDB follows BMC Remedy AR System's authentication mechanism. All REST API calls must be authenticated. Instead of passing the full credentials on every REST API call, REST uses a token. The token is valid for a configurable amount of time and acts like a temporary password. 

For more information, see  Authentication and permissions in the REST API

Connections by HTTP and HTTPS

By default, access to the REST API is over HTTP.  However, on the HTTPS configuration page, you can enable API access over HTTPS.

For  more information about configuring HTTP(S), see  Configuring the REST API by using SSL certificates .


When you upgrade to BMC Remedy AR System 9.1.04, the previous configurations in the jetty-selector.xml file are ineffective. You must reconcile the configuration from the jetty-selector.xml file to the jetty-http.xml file.

Related topics

Using BMC CMDB functions in an external application with the REST API

Enabling OAuth authentication

Endpoints in the REST API

Was this page helpful? Yes No Submitting... Thank you