Rally Software

  • 1.  Rest services authenticate with any API key that starts with underscore

    Posted May 18, 2017 08:14 AM

    HI,

     

    I am using the rally API key for authentication of the rest services. Services get authenticated with any API key that starts with underscore (_). Looks like API key is validated by checking whether it starts with underscore or not.

    Is this correct or Is it a bug in rest service authentication.?

     

    Api key is generated at https://rally1.rallydev.com/login/accounts/index.html#/keys 



  • 2.  Re: Rest services authenticate with any API key that starts with underscore

    Posted May 18, 2017 12:48 PM

    Hi anil.vanaparthi ,

    I might be misunderstanding the question. It does appear all APIKeys start with an '_', but the entire key is validated before access is granted to CA Agile Central webservices. You can test by changing a few characters in a key.

     

    Thanks,

    Sean Davis



  • 3.  Re: Rest services authenticate with any API key that starts with underscore

    Posted May 19, 2017 01:09 AM

    Hi Sean Davis,

     

    ya i tried giving wrong api key, but still it works.

    For example "_abc" is also being validated as correct. It fails only if it doesn't start with underscore.

     

    Thanks.



  • 4.  Re: Rest services authenticate with any API key that starts with underscore

    Posted May 19, 2017 11:35 AM

    Hi anil.vanaparthi

    My guess is your REST client is caching session information. Try from something like cURL and you will see the requests fail as you change your APIKey.

     

    Thanks,

    Sean Davis



  • 5.  Re: Rest services authenticate with any API key that starts with underscore

    Posted May 22, 2017 05:56 AM

    Hi Sean Davis,

    I think issue here is not because of caching. When i give api key without underscore it fails, so it is always taking the latest key.

     

    I have event tried from mozilla Rest client and i face the same issue.

     

    I am using a trial version of CA Agile central. Is this causing the issue?

     

    Thanks

    Anil



  • 6.  Re: Rest services authenticate with any API key that starts with underscore

    Posted May 22, 2017 03:58 PM

    Hi anil.vanaparthi

    I cannot reproduce the issue internally, so it might be best to create a support ticket. You can do that via https://support.ca.com or by calling  800-225-5224.

     

    Thanks,

    Sean Davis