Rally Software

I work at Yahoo and we use saml based SSO. I'm having some trouble understanding how to get a security token from here: https://rally1.rallydev.com/slm/webservice/v2.0/security/authorize

Using curl and cookie jar, I am able to do all GET api calls (e.g. https://rally1.rallydev.com/slm/webservice/v3.0/hierarchicalrequirement/), but I can't seem to get a security token in order to make POST calls. Since I don't have a Rally based password, I am unable to authenticate myself using the URL above - is there another way to get a security token? Otherwise I'm guessing I need to use API v1.43, which I'd really rather not do since it's deprecated. Thanks.

Hello!  

APIs are not supported for SSO (https://help.rallydev.com/technical-overview-implementing-single-sign-on), unless it's the Excel add-in (https://help.rallydev.com/rally-add-excel-installation-user-guide), but that is a bit different since it has to be manually configured.

The only thing that would really work from our understanding of what you are wanting to do is to either:

•           use 1.43 for now, while our Devs work to see about SSO tokens for future Web Services API (WSAPI) (http://rally1.rallydev.com/slm/doc/webservice) versions
•           or to be added to an SSO exception list on the subscription, and get a Rally username and password set up to use that through the WSAPI

Is there any update on support for this John?  I find that I am able to authenticate via my companies SSO, receiving an apikey that I can use for a session with WSAPI.  This allows me to do read-only requests, however I get permission denied when trying to do anything that modifies data.