API - Authentication - Generating an OAuth Bearer Token for Making API Calls

James Ressler
James Ressler
  • Updated

Author: James Ressler

Date: October 17, 2023

Audience: Everyone

Problem

Once SSO is enabled, basic Jama credentials will not work for making API calls.

Solution

Use the Jama UI to generate API credentials that can be used to get a bearer token. The bearer token can be used to make regular API calls.

Guide

Login to Jama Connect and navigate to your profile.

Screenshot 2023-10-17 at 10.23.12 AM.png

In your profile, select "Set API Credentials"

Screenshot 2023-10-17 at 11.46.24 AM.png

Enter a name for your new credentials and select "Create API Credentials"

IMPORTANT: Make sure to take note of your Client Secret now as it will not appear again

Screenshot 2023-10-17 at 11.47.31 AM.png

Now that you have generated the API credentials, you can use them to get a bearer token that can be used to make API calls.

cURL

Use this command to get your bearer token:

curl --request POST https://<CLIENT-ID>:<CLIENT-SECRET>@<BASE-URL>/rest/oauth/token --data grant_type=client_credentials

Example:

$ curl --request POST https://rbfogo319n6ibtb:c4gj8xhzx5fyej16bzv9l1brh@example.jamacloud.com/rest/oauth/token --data grant_type=client_credentials

{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJ0b2tlbl9pbmZvcm1hdGlvbiJdLCJleHAiOjE2OTc1NzMxNjQsImFwcGxpY2F0aW9uX2RhdGEiOnsiSkFNQV9DT1JFIjoiSnJlc3NsZXIifSwianRpIjoiNWRjYjgxNGMtZDMxYy00MzhiLTk1YjctYzdmMzBiZGZjYmQyIiwidGVuYW50IjoiamFtYXRlbmFudDQ4NzIwIiwiY2xpZW50X2lkIjoicmJmb2dvMzE5bjZpYnRiIn0.y6upl9Vun1DNGIRgQmb35Zd43Ba6EOi3nloksu4RMryMz075vPjzRL_QSajYQ-reLHSiKDrP3VmI0UYBeDZc1Qa5sfhjr2dXGZ0pa47gwoxLWEfUBwBcDruMeLRM0nyeb2GW06K0LRsSMpFWdowfnZFCG_Lge4E3k2h28EmrhUm8sEYv-zSMcZ6SNJ-lyvM1qU0EyrzzhARSJUaV9WKb-tI5_v1Hd8Yin4uo8oji-a8-FNTAFzM_7YmlEGCIhSLBHUTOwifoVVhHdoiIT4TEKLClaIdUTgjZ0p00x_uIgMjuqS9mx27cFC0ICnEXyMH-K8ltMAiWCzjW4EtGY-Anzw","token_type":"bearer","expires_in":3599,"scope":"token_information","application_data":{"JAMA_CORE":"example"},"tenant":"jamatenant00000","jti":"5dcb814c-d31c-438b-95b7-c7f30bdfcbd2"}%

Test out your bearer token by making an API call:

curl --request GET https://<BASE-URL>/rest/v1/users/current --header "Authorization: Bearer <BEARER-TOKEN>"

Example:

$ curl --request GET https://example.jamacloud.com/rest/v1/users/current --header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJ0b2tlbl9pbmZvcm1hdGlvbiJdLCJleHAiOjE2OTc1NzMxNjQsImFwcGxpY2F0aW9uX2RhdGEiOnsiSkFNQV9DT1JFIjoiSnJlc3NsZXIifSwianRpIjoiNWRjYjgxNGMtZDMxYy00MzhiLTk1YjctYzdmMzBiZGZjYmQyIiwidGVuYW50IjoiamFtYXRlbmFudDQ4NzIwIiwiY2xpZW50X2lkIjoicmJmb2dvMzE5bjZpYnRiIn0.y6upl9Vun1DNGIRgQmb35Zd43Ba6EOi3nloksu4RMryMz075vPjzRL_QSajYQ-reLHSiKDrP3VmI0UYBeDZc1Qa5sfhjr2dXGZ0pa47gwoxLWEfUBwBcDruMeLRM0nyeb2GW06K0LRsSMpFWdowfnZFCG_Lge4E3k2h28EmrhUm8sEYv-zSMcZ6SNJ-lyvM1qU0EyrzzhARSJUaV9WKb-tI5_v1Hd8Yin4uo8oji-a8-FNTAFzM_7YmlEGCIhSLBHUTOwifoVVhHdoiIT4TEKLClaIdUTgjZ0p00x_uIgMjuqS9mx27cFC0ICnEXyMH-K8ltMAiWCzjW4EtGY-Anzw"

{"meta":{"status":"OK","timestamp":"2023-10-17T19:07:00.950+0000"},"links":{},"data":{"id":13,"username":"jsmith","firstName":"John","lastName":"Smith","email":"jsmith@jamasoftware.com","phone":"","title":"","location":"","licenseType":"NAMED","active":true,"uid":"u13","customData":[],"type":"users"}}%

Postman

Select "OAuth 2.0" under the Authorization tab.

Screenshot 2023-10-17 at 2.01.18 PM.png

Next, fill out the following fields in the "Configure New Token" form:

Field Value
Token Name <ANY-NAME>
Grant Type Client Credentials
Access Token URL https://<BASE-URL>/rest/oauth/token
Client ID <CLIENT-ID>
Client Secret <CLIENT-SECRET>
Scope <empty>
Client Authentication Send as Basic Auth header

Screenshot 2023-10-17 at 2.08.24 PM.png

Once that form is filled out, select "Get New Access Token" and you should be presented with a window like this after a few seconds.

Screenshot 2023-10-17 at 2.09.12 PM.png

You may select "Use Token" now or select from the dropdown menu in the "Current Token" form.

Screenshot 2023-10-17 at 2.09.36 PM.png

Now, you can test your bearer token by making a request.

Screenshot 2023-10-17 at 2.12.34 PM.png

Additional Documentation and Resources: 

Related to

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.