API Connect

Changes to Authentication for API Connect on Cloud

By NEWTON PICCONE posted Tue August 07, 2018 09:31 PM


Please be advised:

The IBM API Connect team will be sunsetting the use of Basic Authentication for our Management APIs in our Public Cloud regions on August 15th, 2018. The Management APIs will continue to be available, but must be accessed using a token based authentication for improved security. For any customers using the Management APIs, please follow these instructions to take advantage of the token based security:

  1. Obtain an IBM Cloud API Key via: https://console.bluemix.net/iam#/apikeys

  2. Call the API Connect token service using the IBM Cloud API Key

    • The token service should be called via: POST https://login.service.<region>.apiconnect.ibmcloud.com/apikey?apikey=<ibm cloud api key>

  3. The API responds with a JSON payload. Use the value of the `jwt` property.

  4. Invoke API Manager APIs using the token as the authorization header, e.g. `curl https://us.apiconnect.ibmcloud.com/v1/me -H 'Authorization: Bearer <token>'`

If you previously used username and password to authenticate in the API Connect Developer Toolkit (apic) then you will need to update your toolkit to the latest version and switch to using API Key authentication. Using the API key you have retrieved you can login to the toolkit using:

apic login --server={cloud}.apiconnect.ibmcloud.com --apikey={apikey}

Where {cloud} is the hosted instance of API Connect you are connecting to e.g. us for US South, or eu-de for Frankfurt. In Reserved Instance this is the hostname you use to access API Manager (starts with mgr-).

We are confident that this change will not affect any of the core functionally in the API Connect for IBM Cloud service, and we look forward to continuing to provide you with an industry leading solution for API management, security, and socialization.

This applies to Public Cloud and Reserved Instance - when using reserved instance the JWT token is always retrieved from https://login.service.us.apiconnect.ibmcloud.com/apikey?apikey=<ibm cloud api key> irrespective of the deployment region