AIO Access Token

API Tokens are required to interact with AIO Tests using REST APIs. The token is generated, to help identify a valid Jira user (who is authorized to use AIO Tests).

In this documentation, you will understand:

Note that this is only applicable for Cloud hostings. For Datacenter authentication mechanism, please refer to Rest API Authentication | Server/Data Center

How to generate API Tokens?

Users can generate an API token for themselves using the AIO Tests interface by clicking on the gear icon on the top right of the app and selecting the ‘My Settings’ option from the dropdown menu. Click on the ‘API Token’.

image-20240221-114942.png
image-20240221-115044.png

The below dialog box is shown on clicking ‘Manage API Token’.
Click ‘Generate API Token’.

An API token will be generated and the user will be given an option to copy and save it for later use.

Once the window below is closed, the API token cannot be accessed again and thus it is encouraged that users save the token by copying from this window.

Once the API token is generated, it can be used for authorization through curl or automation code.

Once the API token is generated, it can be used by adding Authorization header as AioAuth <Your Token>.

Regenerating an API Token

Once generated, the API token needs to be saved locally for any user. In case of loss of the token, it can be regenerated.

Navigate to Manage API Token → Token details are listed as shown below. Click on the Refresh link next to the API Token.

A new token would be issued and the earlier token would no longer be valid. The new token would work the same as the old token.

Revoking an API Token

In case, if a token is compromised or if a user no longer wants to use the API key for making API calls, a token can be revoked.

Navigate to Manage API Token → Token details are listed as shown below.

Click on the Revoke link next to the API Token.

The token would be revoked, but the last 4 chars would still be displayed for reference purposes. The API calls with the token will no longer work and will return an Unauthorized response.

Post-revocation, a new token can be generated anytime by navigating back to Manage API Token.

 

For further queries and suggestions, please feel free to reach out to our customer support service via help@aiotests.com.