1.1 Prerequisite knowledge

API authentication must be performed in advance to execute API requests.

(1) Obtaining Ops I tokens

A system administrator who has been granted the Pre-Installed role “System Security Administrator” can issue an Ops I token to any user. Ops I tokens do not expire.

To obtain an Ops I token, select a user subject to user management in the navigation area of the System Configuration window. After clicking a username in the configuration area, you will see the User Details screen. Click the “Issue Token” button in the token tab in the related resource area. The Ops I token issued in the dialog box will be displayed, so make sure the system administrator saves it in a memo or similar. The issued Ops I token will not be able to be viewed once you move to another window.

You can check the status of your Ops I token acquisition from the Token tab. The date and time that the token was issued is displayed on the Token tab for users who have already been issued an Ops I token.

Furthermore, the “Revoke Token” button is displayed on the Token tab for users who have already been issued an Ops I token. If the Ops I token is no longer needed, the system administrator can revoke it by clicking the “Revoke Token” button and then clicking the “OK” button in the “Revoke Token” dialog box that appears.

(2) Providing and setting Ops I tokens

The system administrator provides the obtained Ops I token to the user executing the API request via email or other means.
Users executing the API request can do so by setting the Ops I token as a header.
It is also possible to set the Ops I access token obtained in “Obtaining Ops I access tokens (not recommended)” as a header and execute the API request. (Not recommended)

<Example> When setting the Ops I token as a header

# curl -XGET "Ops I URL/api/v1/gitops-logs" ¥
-H "X-OpsI-Token: Ops I token"

<Example> When setting the Ops I access token as a header

# curl -XGET "Ops I URL/api/v1/gitops-logs" ¥
-H "Authorization: Bearer Ops I access token"

(3) Obtaining Ops I access tokens (not recommended)

Users executing the API request can obtain an Ops I access token via the “refresh-token” API request. In doing so, the Ops I token provided in “Providing and setting Ops I tokens” must be set as the header. Ops I access tokens are valid for 30 minutes. The following example shows how to execute the API request.

<Example> /oauth2/refresh-token

# curl -XPOST "Ops I URL/oauth2/refresh-token" ¥
-H "X-OpsI-Token: Ops I token"

You can execute API requests other than the "refresh-token" API request by setting the value of access_token in the response body (JSON format) obtained by the "refresh-token" API request as an Ops I access token in the header.