Read and Review Automation Anywhere Documentation

Automation Anywhere Version 11.3

Close Contents

Contents

Open Contents

Authentication API

  • Updated: 5/31/2021
    • 11.3.x
    • Explore
    • Enterprise
    • API docs

Authentication API

Use the Authentication API to generate, refresh, and manage JSON Web Tokens (JWT) that are required for authorization in all Control Room APIs.

The JWT is a text string with 703 characters.
{
  "token": "eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiIxIiwiY2xpZW50VHlwZSI6IldFQiIsImxpY2Vuc2VzIjpbXSwiYW5hbHl0aWNzTGljZW5zZXNQdXJjaGFzZWQiOnsiQW5hbHl0aWNzQ2xpZW50Ijp0cnVlLCJBbmFseXRpY3NBUEkiOnRydWV9LCJpYXQiOjE1NzMxMDc4NzMsImV4cCI6MTU3MzEwOTA3MywiaXNzIjoiQXV0b21hdGlvbkFueXdoZXJlIiwibmFub1RpbWUiOjM2NTc1NjI0OTQ2MzE2MDAsImNzcmZUb2tlbiI6ImNiZjgwZWNkZmU5YmUwYzViOGI2MDk3NmU0ZTI2MTNiIn0.rGYxbS5kKUTxtZhYtRSXpmIHwbf3IwLBIKDEA7odG5uGVAjD55Tv05bYdARx_3-tl1CBg_cDGbwj5FvaBt9u5xKu5W5j3Nur6x3PF62NeB3ZIdxiUPaFBU0Br84mPJMD4_EpwBfbeSVOMH6ngiLtJYhIOtJa0kp4pAAm3mvkuOUELtH8lf3pQf-2Ose2fUAaebDkqiH13SUF1TONAjUQv6Ef_uY0wgq9SjZwKHg9SKUhX3S8PXAJne_ih2QnN8nUE1SXGlkC04eoIvyWpFkM963XEjptc2uvwtVn42MdA4Nd1opD5yijEl9VM92Fe1sPb6_T5-oV-U1Iw0JHiX2-Ug",  . . . 
}

auth

POST http://<your_control_room_url>/v1/authentication
Body parameters:
{
  "username": "string",
  "password": "string",
  "apiKey": "string",
  "mfaCode": 0
}
Make a post request to generate a JWT.
  • The username of the Automation Anywhere user.
  • The password of the Automation Anywhere user.
  • The apiKey is required to configure Single Sign On (SSO). It can also be used in place of a password for users that are assigned to the API key generation role.
  • The mfaCode is required for user with a role that has been enabled for two-factor authentication (2FA). See, Enabling Two-factor authentication.
    Note: We recommend that you either disable 2FA in a role or create a separate role that does not use 2FA for use in scripts or other programmatic environments. You should use username and apiKey to authenticate when programmatically making API requests. Avoid using passwords in plain-text format to improve security.
Note: Authentication tokens have a default timeout of 20 minutes.
A JWT is required in the header of other Control Room APIs. Not all parameters are required to generate an authentication token. Go to the examples listed here for detailed information.
Note:

Simple and Protected Negotiation GSSAPI Mechanism (SPNEGO)

You can use SPNEGO, pronounced "spenay-go," when your Control Room is configured properly with the following authentication features:
  • Active Directory (AD) mode of authentication
  • AD is Kerberos enabled

In a Control Room with SPNEGO properly configured, users do not need to enter a username and password to generate a JWT.

SPNEGO Authentication API URL example:https://<your_control_room_url/v1/authentication/SPNEGO

GET http://<your_control_room_url>/v1/authentication/token/{token}
URL parameter:
The token you are validating.
Note: The token is passed as a parameter in the URL. There are no parameters for the request body.

Read Validate an authentication token for task details.

POST http://<your_control_room_url>/v1/authentication/token
Body parameter:
A refresh token allows you to get a new token without the need to collect and authenticate credentials every time a token expires.
{
  "token": "string"
}

Click Refresh an authentication token for a detailed example of this API.

POST http://<your_control_room_url>/v1/authentication/logout
Header parameter:
Immediately expires the token that you add to the header of the request.
POST 'http://<your_control_room_url>/v1/authentication/logout'
-H 'X-Authorization: <access_token> 

Click Immediately logout (expire) an authentication token for a detailed example of this API.

POST http://<your_control_room_url>/v1/authentication/app/login
The .../authentication/app/login API is a service to service authentication API used by Automation Anywhere internally supported applications. This API is not supported for use by external users.
Send Feedback