Generating an API authorization token
Generate an API authorization token to authenticate to IBM Software Hub APIs.
Tokens and API keys are subject to authorization checks. Invocation of API endpoints depends on the role and permissions that you are granted on the platform and in services.
Before you begin
To get an API authorization token, you must generate an API key by using the IBM Software Hub web client. For more information, see Generating API keys for authentication. You can use the web client when SAML 2.0 is configured as a web SSO.
You can also generate an API key programmatically by using the Get API key
endpoint but this endpoint requires a
Bearer
token and is not recommended.
About this task
You can use your username
and api_key
to generate a
ZenApiKey
authorization token to invoke IBM Software
Hub APIs. This
method requires one API call to an endpoint.
ZenApiKey
does not expire but you can revoke it and regenerate it at any
time for increased security.Procedure
To generate an API authorization token, follow these steps.
What to do next
For most IBM Software Hub endpoints, you can use the generated API authorization token in the authorization header of subsequent API calls.
curl -H "Authorization: ZenApiKey ${TOKEN}" "https://<platform_instance_route>/<endpoint>"
If you need a Bearer token in your endpoint, see Generating a bearer token.