Download OpenAPI specification:Download
FlexNet Operations Access Tokens API
A REST Controller for creating access tokens to be used as bearer authentication tokens for calling FlexNet Operations APIs (SOAP and REST). This REST web service also supports reading, updating, searching, rotating, and deleting tokens.
FlexNet Operations uses different token types to manage different access levels and operations:
To create and manage IMPERSONATED tokens, users require the Create Impersonated Token permission and a Manage Users permission.
Use this API to create an access token.
The response includes the token value. This is the only time the token value is displayed. The value must be included as a Bearer token in the Authorization HTTP header for authorization requests.
Typically, an access token has the following attributes:
When a username is provided for the creation of a NORMAL token, that username is ignored when calling an API. Instead, the user calling the API is authenticated.
reqBody
OK
{- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenName": "string",
- "tokenType": "NORMAL",
- "username": "string"
}
{- "responseObject": {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "tokenValue": "string",
- "username": "string"
}, - "statusMessage": "string"
}
Use this API to very if a token is valid. Pass the token value in the request body. The response shows if the token is valid, along with information about the token.
Only the token creator can verify IMPERSONATED tokens. If you do not have the Create Impersonated Token and relevant Manage Users permissions, the API returns obfuscated values.
OK
{- "accessToken": "string"
}
{- "responseObject": {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "username": "string"
}, - "statusMessage": "string"
}
Use this API to fetch the details of an access token identified by its name.
OK
{- "responseObject": {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "username": "string"
}, - "statusMessage": "string"
}
Use this API to update some of the attributes of a specified access token. Specify the name of the token that you want to update in the path (case sensitive).
In the request body, specify the new values. You can update the following token attributes:
Only the token creator or another privileged user can update an IMPERSONATED token. You cannot edit an expired token or set the token expiry to a time in the past.
reqBody
OK
{- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenName": "string"
}
{- "body": { },
- "statusCode": "100",
- "statusCodeValue": 0
}
Use this API to delete an access token. Pass the name of the token to be deleted as a path parameter. The token name is case sensitive.
A deleted token can no longer be used to access the APIs.
Only the token creator can delete a token; this means that only users with the Create Impersonated Token and relevant Manage Users permission can delete IMPERSONATED tokens.
OK
{- "body": { },
- "statusCode": "100",
- "statusCodeValue": 0
}
Token rotation means that a token's value is changed, but no other properties. Pass the name of the token to be rotated as a path parameter. The token name is case sensitive.
The response contains the new token value. Make a note of the token value; this is the only time that the new value is displayed.
It is recommended to frequently rotate access tokens, but care should be exercised to not break any integrations you may have.
OK
{- "responseObject": {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "tokenValue": "string",
- "username": "string"
}, - "statusMessage": "string"
}
Use this API to get a list of all non-expired access tokens for a specified user.
You must specify either the username or the tokenCreator parameter as search criteria.
If you pass values for both parameters in the same request, the API returns a list of all non-expired tokens that match both parameters.
If you do not have the Create Impersonated Token and relevant Manage Users permissions, the API returns obfuscated values.
Tip: If you want a more fine-grained search, use /tokens/search.
OK
{- "responseObject": [
- {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "username": "string"
}
], - "statusMessage": "string"
}
Use this API to get a count of all non-expired access tokens for a specified user.
You must specify either the username or the tokenCreator parameter as search criteria.
Tip: Use this API to specify values for the pagination parameters of the /tokens API.
OK
{- "responseObject": 0,
- "statusMessage": "string"
}
Get a list of all non-expired access tokens that match specified search criteria.
You must specify at least one of the following search criteria. If you pass multiple parameters as search criteria,
the API returns non-expired tokens that match all parameters.
If you do not have permission to view a given token, its details are returned as masked
entries.
The format for expiresBefore, expiresLaterThan and issuedBefore is *y *M *d *h *m, where
y=years, M=months, d=days, h=hours, m=minutes (case sensitive), and * representing any number.
In addition to the search criteria above you must also specify the following parameters:
searchToken
OK
{- "tokenCreator": "string",
- "expiresBefore": "string",
- "expiresLaterThan": "string",
- "issuedBefore": "string",
- "page": 0,
- "pageSize": 0,
- "tokenName": "string",
- "tokenType": "NORMAL",
- "username": "string"
}
{- "responseObject": {
- "pageNumber": 0,
- "pageSize": 0,
- "response": [
- {
- "expiryStr": "string",
- "tokenDescription": "string",
- "tokenExpiryMillis": 0,
- "tokenIssueMillis": 0,
- "tokenName": "string",
- "tokenCreator": "string",
- "tokenType": "NORMAL",
- "username": "string"
}
], - "totalResults": 0
}, - "statusMessage": "string"
}