Logging into the API server

To interact with BMC Atrium Orchestrator through the REST API, you must log in and obtain an authentication token. Save the authentication token that you receive in the response to your logon request and include it in the header of each subsequent request during the session. The token is valid as long as your session remains active. The session time is defined by Atrium Single Sign-On parameters (see Managing the server configuration).

For information about Remedy Single Sign-On (Supported from BMC Atrium Orchestrator version 7.9.01 and later) session settings, see Remedy SSO server general configuration.

If your session times out due to inactivity, you must log on again and obtain a new token.

This topic includes the following sections:

• To log in and obtain an authentication token
• To log out from the API server
• Video demonstration
• Related topics

To log in and obtain an authentication token

1. Send the following HTTP request, replacing the parameters with appropriate values.
   HTTP method: Post

   Request URL:  https://<hostname>:<port>/<baocdp|baoap>/rest/login

   Note

   Executing the command from an AP is supported in BAO versions 7.9.01 and later.

   
   Body: <yourUsername>
            <yourPassword>

   Parameter	Description
   <hostname>:<port>/<baocdp|baoap>	The URL for the BMC Atrium Orchestrator component you are accessing, which includes the API server host name and corresponding port number. A URL should look like the following: To log into a CDP: https://<hostname>:<port>/baocdp For example https://bao-server.bmc.com:308080/baocdp To log into an AP: https://<hostname>:<port>/baoap For example https://bao-server.bmc.com:308080/baoap Note Executing the command from an AP is supported in BAO versions 7.9.01 and later.
   <yourUsername>	Your user name
   <yourPassword>	Your password

   You can see a screenshot of what this request looks like using the Firefox REST plugin in the example on this page.

   POST /rest/login
   Host: <hostname>:<port>/baocdp
   
   {
    "username" : "<yourUsername>",
    "password" : "<yourPassword>"
   }
   

   The response for a successful login looks like the following:

   {"login":"true"}

2. From the response, save the text string returned in the Authentication-Token: header. That text string is your authentication token.
   For example, in the following response, you would save the following:
   AQIC5wM2LY4SfcyLDAZyTRIKrqijnrmwYBF5LyyWnRWj0Kw.*AAJTSQACMDIAAlNLAAoxODI3MTY0MzQ0AAJTMQACMDE.*

   HTTP/1.1 200 OK
   Date: Wed, 11 Jan 2014 13:23:04 GMT
   Authentication-Token: AQIC5wM2LY4SfcyLDAZyTRIKrqijnrmwYBF5LyyWnRWj0Kw.*AAJTSQACMDIAAlNLAAoxODI3MTY0MzQ0AAJTMQACMDE.*
   Content-Type: application/json; charset=ISO-8859-1
   Content-Length: 2
   Server: Jetty(6.1.9)
   

3. In each subsequent request include the authentication token request header, as shown in the following example: 

   POST /rest/process/execute
   Host: <hostname>:<port>/baocdp
   Authentication-Token: AQIC5wM2LY4SfcyLDAZyTRIKrqijnrmwYBF5LyyWnRWj0Kw.*AAJTSQACMDIAAlNLAAoxODI3MTY0MzQ0AAJTMQACMDE.*
   

   
   

Example: Logging into the REST API server using the Firefox REST plugin

To log out from the API server

Send the following HTTP request with the authentication-token:

Video demonstration

The following BMC Communities video (7:30) is part one of a two-part series on using REST to execute workflows. This video demonstrates how to log into an API server, generate an authentication code, and use the code to get process details, execute a workflow (process), retrieve a list of active modules, and get a job's status. It covers the login and logout calls. 

 https://youtu.be/eOzND0JfrHc

The second part of the video demonstrates how to use the HTTP adapter to perform the same tasks and is available in the BMC Atrium Orchestrator Content wiki's HTTP adapter section.

Related topics

Login example

Logout example

HTTP-request-and-response-headers