Authentication API

Use the Authentication API to generate, refresh, and manage the JSON Web Tokens (JWTs) that are required for authentication and authorization in order to use the Control Room APIs.

注： You can view the Control Room APIs in the Community Edition, but API functionality is limited. You need a licensed Automation 360 Edition to access the full functionality of the APIs.

Set up authentication or authorization for your application

Generate a token with one of the following endpoints:
注： apiKey or password is used to generate a valid token. Both (apiKey and password) cannot be used together in a request body.
- Authenticate (username and password)
  If you are trying out the Control Room APIs in Swagger or another REST client, use this authentication method.
- Authenticate (username and apiKey)
  Use this authentication method to generate the token without the need for the user's password, such as for organizations that use single sign-on (SSO).
  注： Tokens have a default timeout of 20 minutes. Do not use an expired token for your API requests. Using an expired token will invalidate the current valid token.
- Simple and Protected Negotiation GSSAPI Mechanism (SPNEGO)
  You can use SPNEGO if your Control Room is configured with the Active Directory (AD) mode of authentication and it is Kerberos-enabled.
  In a Control Room configured with SPNEGO, you can use the following URL to generate a token: https://<your_control_room_url/v1/authentication/SPNEGO
Validate token
Refresh token
Expire token