Rally - How to create and update an artifact in sandbox via WS API
search cancel

Rally - How to create and update an artifact in sandbox via WS API

book

Article ID: 57510

calendar_today

Updated On:

Products

Rally On-Premise Rally SaaS

Issue/Introduction

Since the sandbox does not support using an API key, it is necessary to request a security token to perform write operations.  Trying to create, update or delete work items without a key will result in "Not authorized to perform action: Invalid key".  This article will demonstrate two methods for example calls, however it is still necessary to store a token in a cookie regardless of the methods used.

Cause

Starting with v2.0 of Web Services API an extra layer of authentication is required for POST requests: it is not enough to supply username/password.  

Resolution

HOW TO POST TO SANDBOX USING A BROWSER REST CLIENT:

A browser maintains an HTTP session which makes it possible to request a token in one request and then issue a POST request to which the token is appended without having to maintain the session manually.

 

Here we create a portfolioitem/feature/

 

Step 1: 

Get a security token:

https://sandbox.rallydev.com/slm/webservice/v2.0/security/authorize

 

Result includes the security token:

Step 2: 

Create a Rally artifact, for example, a portfolioitem/feature. Notice that the security token has to be appended to the request:

https://sandbox.rallydev.com/slm/webservice/v2.0/portfolioitem/feature/create?key=07fd4ed0-1...

 

Here is a payload example:

{
"Portfolioitem/Feature":{
"Name": "my feature"
}
}



HOW TO POST TO SANDBOX USING USING CURL:

If a user updates, creates or deletes CA Agile Central artifacts via WS API outside of a browser, for example when using curl, the session has to be maintained manually. Without a session cookie each curl request (in our case getting the token and the post request to update an artifact) will constitute separate HTTP sessions.

 

Step 1:

Tell curl to store a session cookie in order to persists the HTTP session in the terminal, cd to the working directory

curl -u "<User>@<Company.com>:<PASSWORD>" https://sandbox.rallydev.com/slm/webservice/v2.0/security/authorize -c sandboxcookie.txt

 

A file sandboxcookie.txt will be created in the working directory. Here is a content example:

# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_sandbox.rallydev.com?? ?FALSE?? ?/?? ?TRUE?? ?0?? ?JSESSIONID?? ?qs-sapp-011eo9hnroag41w1ax29stc60iwo.qs-sapp-01
#HttpOnly_.sandbox.rallydev.com?? ?TRUE?? ?/?? ?TRUE?? ?0?? ?SUBBUCKETID?? ?209

 

Note the output in the terminal, which includes the security token you will append to your post request in the next step:

{"OperationResult": {"_rallyAPIMajor": "2", "_rallyAPIMinor": "0", "Errors": [], "Warnings": [], "SecurityToken": "<SECURITY_TOKEN>"}}

 

Step 2:

Here is the curl command to update a defect:

curl -v -u "<User>@<Company.com>:<PASSWORD>" -H "Content-Type: application/json" -d"{\"Defect\":{\"Resolution\":\"Not a Defect\",\"State\":\"Fixed\"}}" https://sandbox.rallydev.com/slm/webservice/v2.0/Defect/<Defect_OID>?key=<SECURITY_TOKEN> -b sandboxcookie.txt

 

The output in terminal will include a full JSON. Success!

Attachments

1558713135879000057510_sktwi1f5rjvs16svy.png get_app
1558713133983000057510_sktwi1f5rjvs16svx.png get_app
1558713132120000057510_sktwi1f5rjvs16svw.png get_app
1558713130102000057510_sktwi1f5rjvs16svv.png get_app
Powered by Wolken Software