Authentication

API Key

The best authentication method is to identify user using the apiKey approach. An apiKey is a secret token that is available from Bitbar Testing from under My Account. If needed the apiKey token can also be re-generated to invalidate old scripts.

curl -u <api-key>: https://cloud.bitbar.com/api/me

OAuth 2.0

Another way is to use OAuth 2.0 - an open standard for authorization.

Starting new session

curl -X POST https://cloud.bitbar.com/oauth/token -d 'client_id=testdroid-cloud-api&grant_type=password&username=EMAIL&password=PASSWORD'

Response:

{
    "access_token":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "token_type":"bearer",
    "refresh_token":"yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy",
    "expires_in":1799,
    "scope":"read write"
}

Refreshing existing session

curl -X POST https://cloud.bitbar.com/oauth/token -d 'client_id=testdroid-cloud-api&grant_type=refresh_token&refresh_token=REFRESH_TOKEN'

Response:

{
    "access_token":"zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz",
    "token_type":"bearer",
    "refresh_token":"yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy",
    "expires_in":1799,
    "scope":"read write"
}

Using access token

curl "https://cloud.bitbar.com/api/me?access_token=ACCESS_TOKEN"