Obtaining Authorization to Use the API
Go Up to Developer Guide
To use the ER/Studio Team Server API, you need to follow these steps:
- Register your client application with Embarcadero to ensure that the client ID of your client application is not in conflict with the client ID of any other ER/Studio Team Server API client application.
- Register your client application in the target ER/Studio Team Server installation, so that ER/Studio Team Server administrators can keep track of your client application.
- Obtain an API access token that you can provide in your API requests to get access to certain parts of the API that you would be unable to access otherwise. ER/Studio Team Server provides three different flows to obtain an access token. Choose the flow that fits your client application best:
- Web Server Authorization Flow. This authorization flow is for client applications that are accessible via HTTP requests, such as web server applications.
- Embedded Web Browser Authorization Flow. This authorization flow is for client applications that can have an embedded web browser control (web view).
- Password Authorization Flow. This authorization flow is for client applications which users trust with their credentials. Your client application asks users for their credentials, and uses those user credentials to request an access token.
Once you have an access token, include it in all your API requests. For example: http://connect.example.com/api/v1/people?access_token=1/fFAGRNJru1FTz70BzhT3Zg
Along with an access token, you get a refresh token. You can use your refresh token to obtain a new access token, for example, when your current access token expires. If you obtain a new access token before your previous access token expires, consider revoking your previous access token.