The CSV API enables users to interrogate the datastore using a script or program, and receive data back as a stream of CSV (comma separated values) text, an empty string, or a return code. 


Permissions are required for XML and CSV APIs. You need to grant the API access permission (api-access group), or update group permissions to include the api/access permission for users who require access to the CSV and XML APIs.

We recommend the use of REST API for new integrations as it provides more control when retrieving data, and provides a range of additional features across its endpoints.


The CSV API is intended to be used by a script or program. It can also be accessed using a browser, or using the wget command, though these would generally be used for testing. When using a URL you should ensure that the entire URL is properly encoded. For example, special characters in the password might require encoding. The following section describes the parameters required and values returned when using the CSV API. The query is specified as a URL of the form:


If you are using an appliance with HTTPS redirection enabled, you must use an HTTPS URL in your scripts. The redirection script changes the HTTP request and the script will not work. To enable or disable HTTPS redirection, see Configuring HTTPS settings. The URL is entered on a single line. In these examples, appliance is the resolvable hostname or IP address of the appliance, search_string is a query string as recognized by the datastore, username and password are the user name and password of the BMC Discovery user.


During a typical HTTP request to the CSV API, the username and password is visible in plain text and can be recovered in order to gain unauthorized access to the BMC Discovery user interface.

  1. We recommend that you always use HTTPS access so that the username and password are not in plain text.
  2. You should always use a dedicated, read-only account for queries, and never use a high level account, such as system.

HTML URL Encoding

When constructing a URL string, care must be taken to properly encode characters that are not allowed in a URL, for example spaces:
A reference of encodings can be found here.

Was this page helpful? Yes No Submitting... Thank you