Access to the Service Manager REST API is secured and performed using Bearer authentication (authentication method None) using an access token.

Each access token:

• Is defined for a given user.
• Enables access to a given Service Manager REST API resource.

Notes

• You manage access to the Access Tokens menu in user profile management.
• You can also access the Service Manager REST API using Basic authentication with a login and password.

Caution

• Bearer authentication for the Service Manager REST API requires you to select the None authentication method.
• The value of the access token is only available when you generate the token. If you lose it, you must generate a new access token.

Best Practice

• If you want to prohibit a previously authorized user from accessing Service Manager data from the resource associated with the access token, you should revoke the token.

Menu access

Administration > Access Management > Access Tokens

Screen description

Name: Name of the access token.

User: Name of the user authorized to use the access token.

Date of last use: Date on which the access token was last used for a Service Manager REST API resource.

Revoke: Used to invalidate the use of the access token.

• All of the resources associated with this token will no longer be available. To make them available again, you must generate a new access token.

Procedure: How to define Bearer authentication for the Service Manager REST API

      See the procedure