Access and authentication for the REST API

Requests to all endpoints in the REST API must be on behalf of a BMC Helix Continuous Optimization user that you create in BMC Helix Portal. Before processing a request, the API authenticates the request to determine the user. After successful authentication, a permission check decides whether the user is allowed to perform the requested action. 



Related topics

Performing-the-capacity-management-tasks-by-using-REST-APIs

Continuous-Optimization-REST-API-endpoints

The following flow chart explains the authentication process for accessing an API endpoint:

api_auth_flow_chart.png


To access the API endpoint, perform these tasks:

Example of generating the JWT by using Postman

The following procedure explains how to use the Postman API client to generate the JWT to be used for authentication.

  1. Obtain the access and secret keys as described in Setting up access keys for programmatic access.

  2. Open the Postman REST API client.
  3. Add a new request, and perform these steps:
    1. Select the operation as POST.
    2. Enter the following URL:
      https://<BMC Helix Portal URL>/ims/api/v1/access_keys/login
      Example: https://host1.bmc.com/ims/api/v1/access_keys/login

    3. On the Body tab, select raw, and add the following access and secret keys that you obtained in step 1 in this format:

      {
       "access_key": "string",
       "access_secret_key": "string"
      }

      Example:

      {
       "access_key": "A23G7QQYCGQW9Z2ZYXV67GB7K0PPNTU",
       "access_secret_key": "2pcTmpbOVZFPj9FiSV5NWEOUMgbujtVPm9slQ43hIgBuEYbitu"
      }
    4. From the list, select JSON.
  4. Click Send.
    The API response includes the token.
  5. From the json web token parameter, copy the token.

Example of using the JWT for authentication by using Postman

The following procedure explains how to use the token for authentication for accessing the API to fetch the status of the agent data service.

  1. Open the Postman REST API client.
  2. Add a new request, and perform these steps:
    1. Select the operation as GET.
    2. Enter the following URL:
      https://<BMC Helix Portal URL>/opt/api/agentdata/about
      Example: https://host1.bmc.com/opt/api/agentdata/about
    3. On the Authorization tab, select type as Bearer Token.
    4. In the Token box, add the token.
  3. Click Send.
    The API response containing the service status is received.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*