API user roles require authentication tokens for authentication to call APIs. An authentication token (the
apikeysendpoint) consists of a (usually secret) string that authenticates REST calls and associated properties. An authentication token is a (typically) long string with two nodes, such as
abcdefg:1. In this example,
CA Live API Creatormaps the second node to your roles for authorization. You can assign an authentication token to one or more API user roles.
Authentication tokens are required for almost all REST calls, with a few exceptions, such as the
@authenticationresource endpoint (since its purpose is to obtain an auth token), the
@heartbeatresource endpoint, and the
@licenseresource endpoint. Calls that do not include an auth token are returned with HTTP status code 401.
For more information:
- About authorization, see Authorization.
- About how to generate API user authentication, including information about obtaining an auth token automatically during sign-on using the@authenticationresource endpoint, see Authentication.
- About how to assign an authentication token to a user role, see Manage Users using the Built-in Authentication Provider.
The following table includes the
The unique identifier for this authentication token.
The date and time this authentication token was created or last modified.
The name for the authentication token.
The description for the authentication token.
The actual authentication token. On insertion, if you want
CA Live API Creatorto generate the authentication token, leave this value blank, or if you want a fixed authentication token, enter a value.
If specified, the date and time at which this authentication token becomes invalid.
A comma-separated list of logging levels for the various loggers. For example:
If all loggers should be at the same level, you can also use the following syntax:
For more information about logging levels, see View Logging Information.
If specified, the identifier for the API user (typically some sort of user name or user ID). Ideally, this attribute allows the identification of the API user, but that is not required.
If specified, a comma-separated list of name/value pairs that are available in the security context for this authentication token, for example:
Indicates who created this authentication token. A value of
means that the authentication service created it.
The ident of the API that contains this authentication token.