Guide to authenticate your API calls to VSM
LeanIX VSM uses OAuth2 to authenticate users to access any of the available APIs. The following flow describes, how an API Token is used to retrieve a Bearer Token.
Getting an API token
Administrators can generate one or more API Tokens in the Administration of LeanIX VSM, which have expiry data until they can be used. To get an API Token go to Administration> Technical Users > New Technical User.
An example of how to use the technical user token for acquiring an access token can be seen in the following snippet.
Getting a Bearer token from the API token
Every API call to our endpoints needs to be authorized by a bearer token. To retrieve a bearer token from an API token call the below endpoint:
curl --request POST \
--url https://<host>.leanix.net/services/mtm/v1/oauth2/token \
-u apitoken:<API Token from the technical user panel> \
--data grant_type=client_credentials
How do I get the
hostparameter?To get the
hostparameter just copy it from your workspace URL:
Example of an authorized call:
curl --request POST \
--url https://eu-vsm.leanix.net/services/vsm/discovery/v1/product \
--header 'accept: */*' \
--header 'authorization: Bearer xxx' \
--header 'content-type: application/json' \
--data '
{
"id": "product4711",
"sourceType": "productboard",
"sourceInstance": "my-company",
"name": "my-webshop",
"description": "An amazing webshop",
"links": {
"API Link": "https://example.com/v1",
"SwaggerUI": "http://example.com/swagger-ui/"
}
}
'
Note: the header will always need to contain a valid bearer token like authorization: Bearer xxx.