When you sign up for the Blue Cedar integration platform, you are assigned to an organization and are given a username, then you can set a password.

Use POST /auth/token to retrieve the access token:

Request access token

curl -X POST "https://platform-api.bluecedar.com/v1/auth/token" 
     -H "accept: */*" -H "Content-Type: application/json" 
     -d "{\"username\":\"jruser\",\"password\":\"sample-password\"}"
BASH

This call responds with a JSON payload that includes user and organizational info, available integration accelerators, and related settings. You need these two strings to proceed:

  • access_token: a key used to authenticate to the platform
  • organization_uuid: the UUID for the organization, used in most API calls

POST /auth/token response excerpt

"organization_uuid": "08cfc9b9-1848-4da0-a271-0eaa4c8b1af3",
"access_token": "380d9c23-cca3-4618-b77a-15cdf934dba3"
BASH

You can set variables for these values in your environment:

Environment variables

ORG_UUID=08cfc9b9-1848-4da0-a271-0eaa4c8b1af3
AUTH_TOKEN=380d9c23-cca3-4618-b77a-15cdf934dba3
BASH

Authentication to the API is performed via bearer auth; use -H "Authorization: Bearer $AUTH_TOKEN". Refer to these variables to authenticate your account in API requests:

Authenticated request

curl -s -H "Authorization: Bearer $AUTH_TOKEN" \
        -H "X-Organization-UUID: $ORG_UUID" \
        -H 'Content-type: application/json' \
        -X GET "https://platform-api.bluecedar.com/v1/app_security_profiles" 
BASH

All API requests must be made over HTTPS. Calls made over plain HTTP fail. API requests without authentication also fail.