Guide to authenticate your API calls to VSM

LeanIX VSM uses OAuth2 to authenticate users to access any of the available APIs. The following flow describes, how an API Token is used to retrieve a Bearer Token.

Getting an API token

Administrators can generate one or more API Tokens in the Administration of LeanIX VSM, which have expiry data until they can be used. To get an API Token go to Administration> Technical Users > New Technical User.

An example of how to use the technical user token for acquiring an access token can be seen in the following snippet.

Getting a Bearer token from the API token

Every API call to our endpoints needs to be authorized by a bearer token. To retrieve a bearer token from an API token call the below endpoint:

curl --request POST \
  --url https://<host> \
  -u apitoken:<API Token from the technical user panel> \
  --data grant_type=client_credentials


How do I get the host parameter?

To get the hostparameter just copy it from your workspace URL:

Example of an authorized call:

curl --request POST \
     --url \
     --header 'accept: */*' \
     --header 'authorization: Bearer xxx' \
     --header 'content-type: application/json' \
     --data '
  "id": "product4711",
  "sourceType": "productboard",
  "sourceInstance": "my-company",
  "name": "my-webshop",
  "description": "An amazing webshop",
  "links": {
    "API Link": "",
    "SwaggerUI": ""

Note: the header will always need to contain a valid bearer token like authorization: Bearer xxx.