Obtaining Authorization to Use the API

Go Up to Developer Guide

To use the Team Server API, you need to follow these steps:

1. Register your client application with IDERA to ensure that the client ID of your client application is not in conflict with the client ID of any other Team Server API client application.
2. Register your client application in the target Team Server installation, so that Team Server administrators can keep track of your client application.
3. Obtain an API access token that you can provide in your API requests to get access to certain parts of the API that you would be unable to access otherwise. Team Server provides three different flows to obtain an access token. Choose the flow that fits your client application best:

   Note: All workflows require the credentials of a social user account; non-social users cannot access the Team Server API.

   • Web Server Authorization Flow. This authorization flow is for client applications that are accessible via HTTP requests, such as web server applications.
   • Embedded Web Browser Authorization Flow. This authorization flow is for client applications that can have an embedded web browser control (web view).
   • Password Authorization Flow. This authorization flow is for client applications which users trust with their credentials. Your client application asks users for their credentials, and uses those user credentials to request an access token.

Once you have an access token, include it in all your API requests. For example: http://connect.example.com/api/v1/people?access_token=1/fFAGRNJru1FTz70BzhT3Zg

Along with an access token, you get a refresh token. You can use your refresh token to obtain a new access token, for example, when your current access token expires. If you obtain a new access token before your previous access token expires, consider revoking your previous access token.

See Also

• Browsing Resources Using the API
• Managing Resources Using the API
• Registry API
• Client API
• OAuth 2.0 API