Skip to main content
System StatusContact Support
VersionOne Community

API Authentication Methods

Depending upon where your VersionOne Lifeycle instance is installed and how it's configured, there are special considerations for accessing the rest API. In most of the documentation, you'll see the rest-1.v1 endpoint referenced in examples. You may need to use rest-1.oauth.v1 instead under certain conditions.

Currently, however, if your instance is configured with Windows Integrated Authentication Mode and you want your code to use Access Tokens, you will need to use a slight variation named rest-1.oauth.v1.

Important: We will remove the rest-1.oauth.v1 endpoint in a future release. When we do this, we will change rest-1.v1 to work only with Access Token.

Current Options

This table summarizes the current options:

Installation Type Authentication Mode rest-1.v1 supports: rest-1.oauth.v1supports:
On-Premise VersionOne Access Token Access Token
On-Premise Windows Integrated Authentication Windows Integrated Authentication (for capable clients) Access Token
On-Demand VersionOne Access Token Access Token
On-Demand SSO Not Available Access Token

Basic Auth Information

As of this writing, you are able to use Basic Auth (username / password) anywhere the table shows Access Token above with the exceptions of an On-Premise instance configured in Windows Integrated Authentication Mode and an On-Demand SSO instance. But, like the rest-1.oauth.v1 endpoint, this capability will also be removed in a future release. Thus, we recommend transitioning to Access Token now.

Future Options

As mentioned above, we will be removing rest-1.oauth.v1 and Basic Auth completely in a future release. The following table summarizes what the options will look like at that time:

Installation Type Authentication Mode rest-1.v1 supports:
On-Premise VersionOne Access Token
On-Premise Windows Integrated Authentication Access Token
On-Demand VersionOne Access Token
On-Demand SSO Access Token

Single Sign On Authentication Considerations

On-Premise

Note that if you are using On-Premise Single Sign On Authentcation (SSO), you must configure your SSO provider's rules to either allow or deny rest-1.v1 and/or rest-1.oauth.v1. We recommend just exposing rest-1.v1, since rest-1.oauth.v1 will eventually be removed.

On-Demand

If you are using On-Demand Single Sign On, then your code must authenticate with an Access Token. We recommend coding against the rest-1.v1 endpoint, since rest-1.ouath.v1 will eventually be removed. See more information about On-Demand Single Sign On here.

  • Was this article helpful?