Create API tokens

API tokens provide a level of authentication for External Data Source REST APIs and the WDSL links obtained from workflows registered as Web Services. A REST API External Data Source or Web Service may not be accessed via its URL unless it has at least one valid API token. API tokens have expiration dates, and are valid for either 30, 60 or 90 days.

Users with Administrator privileges may create API tokens for existing REST API External Data Sources or Web Services by carrying out the following steps:

  1. Select the REST API External Data Source in Data/External Data Sources hierarchy folder. Alternatively, select the Data/Web Services hierarchy folder, and locate the Web Service for which to create an API token.

  2. Click ‘Make API Token’ to display the Create API Token screen.

  3. Set an expiration period for the API token, and click ‘Create API Token’. The API token is listed in the API Tokens screen.

API tokens are associated with External Data Source REST API and WDSL links by updating the URL headers.

External Data Sources

For External Data Source REST APIs, this can be done using the curl utility from the command line. The following command lists the authorizations associated with an External Data Source REST API URL.

Format

curl -i < External Data Source REST API URL>

Example

C:\temp>curl -i http://localhost/livecompare/studio/xds/A1D3A41788A149F3B622E66209A00CAC.xdsx

HTTP/1.1 401 Unauthorized

Cache-Control: private

Server: Microsoft-IIS/10.0

X-AspNet-Version: 4.0.30319

X-UA-Compatible: IE=edge

Access-Control-Allow-Origin: *

Date: Tue, 31 Jan 2023 03:32:34 GMT

Content-Length: 0

The ‘HTTP/1.1 401 Unauthorized’ line indicates that access to the External Data Source via its REST API URL is unauthorized. The following command shows how to apply an API token to the URL’s header.

Format

curl -i -H "Authorization: Bearer <API token>" < External Data Source REST API URL>

Example

C:\temp>curl -i -H "Authorization: Bearer CCD77B6445784254A9B609776E3A85C9" http://localhost/livecompare/studio/xds/A1D3A41788A149F3B622E66209A00CAC.xdsx

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json

Server: Microsoft-IIS/10.0

X-AspNet-Version: 4.0.30319

X-UA-Compatible: IE=edge

Access-Control-Allow-Origin: *

Date: Tue, 31 Jan 2023 03:43:00 GMT

Content-Length: 177

{"cols":[{"id":"NAME","label":"NAME","type":"string"},{"id":"TYPE","label":"TYPE","type":"string"}],"rows":[{"c":[{"v":"VA01"},{"v":"TCOD"}]},{"c":[{"v":"VA02"},{"v":"TCOD"}]}]}

The ‘HTTP/1.1 200 OK’ line indicates that access to the External Data Source via its REST API URL is authorized. The final line contains the table data returned from the External Data Source.

Web services

The following Python script shows how an API token can be applied to the WSDL link for a workflow registered as a Web Service. The workflow has two input parameters named x and y, and returns their sum in a String dataset named sum.

from requests import Session

from zeep import Client

from zeep.transports import Transport

def adder():

WSDL = 'http://localhost/livecompare/studio/Adder/Adder.lcsx?WSDL'

session = Session()

session.verify = False

transport = Transport(session=session)

headers = {

# Update the following line with your API token

'Authorization': 'Bearer E4B6E815C0174281AB5AA098F404C98C'

}

session.headers.update(headers)

client = Client(WSDL, transport=transport)

swr = client.service.StartWorkflow(x=10, y=20)

token = swr['token']

ewr = client.service.EndWorkflow(token=token)

while True:

status = ewr['status']

if status == 'FAILED':

break

if status == 'COMPLETED':

break

ewr = client.service.EndWorkflow(token=token)

if status == 'COMPLETED':

print('sum: {0}'.format(ewr['workflowResult']['sum']))

adder();

The Run Web Service action allows API tokens to be applied to Web Services called from LiveCompare.

Turn off authentication

To turn off REST API authentication, carry out the following steps:

  1. Make sure no users are logged into LiveCompare, and that no workflows are currently running.

  2. Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Tricentis\LiveCompare\5.3\Settings folder.

  3. Create a String value named SkipRESTAuthorization and set its value to X.

To turn off Web Services authentication, carry out the following steps:

  1. Make sure no users are logged into LiveCompare, and that no workflows are currently running.

  2. Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Tricentis\LiveCompare\5.3\Settings folder.

  3. Create a String value named SkipWebServicesAuthorization and set its value to X.

If you set or clear the SkipRESTAuthorization or SkipWebServicesAuthorization values, you will need to restart the LiveCompare Application Pool on the LiveCompare server.

View API tokens

Delete API tokens

Run Web Service actions

Run a workflow from an external program