Rally Rest API, Security token returned by security/authorize is valid for how much time

0 投票
最新提问 用户: (540 分)

I am using the security rest api method to get the security token and pass it on later for PUT/POST requests.

Using https://rally1.rallydev.com/slm/webservice/v2.0/security/authorize, to get the security token.

Token received is valid for how much time? Will it expire automatically?

Can some one share thoughts on this. Thanks


0 投票
最新回答 用户: (220 分)

I believe it is valid for the length of your session, which is dependent on the timeout value configure in your user profile. The preferred approach for external integrations is to use an api key, since the csrf token is not necessary...

发表于 用户: (540 分)
Thanks Kyle for the reply. I am making the rest call from a java application, where each rest call is done on a new http request. Even though i get the security token from rest call and later use it in another rest call( i.e new http request), i get "Not authorized to perform action: Invalid key" error. As the PUT rest call is done on a new http session previous token is now invalid. As each call is on a new http session, due to this am i facing the above issue? To handle this, Is the API key only way? Please let me know your thoughts. Thanks.
发表于 用户: (220 分)
Are you using one of our rest toolkits? Most of them should handle the security token for you automatically... Otherwise, API Keys are the preferred approach.
欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。