Setting the REST API token

A REST API token is an alternative way to authenticate to use a REST service in FishEye and Crucible. Instead of specifying a username and password of an authorized user, you can add a request header to the call that includes the REST API token:


This is currently only supported for a limited subset of REST services – see It allows you to use services that normally require administrator credentials, without exposing those or keeping them (for example in a script or a commit hook). The token cannot be used to log in to FishEye/Crucible or to perform any operations other than the designated REST service calls.

To generate a REST API token, log in to the administrator area of FishEye/Crucible, go to Authentication (under 'Security Settings'), then click Generate new token in the REST API Token section. A REST API token will be generated and displayed on screen.

You can always prevent access using a previously generated token by deleting it, or generating a new one. Note that this will prevent any existing scripts using the token from working, until you update them with the new token.

See also Authenticating REST requests.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport