Logging In

The RAP API exists on two URL segments: the root segment '/', which is unsecured, and the secured segment '/api/v3/rap', which can only be accessed using a token.

To obtain a token, send a GET request to the /Tokens endpoint (unsecured). This request should carry a Basic Auth header, containing the Username and Password of the user account to use (for basic auth, create a string in the form "Username:Password" and Base64 encode it). You will also need to provide a query parameter "lictype", specifying the type of license this user will claim.
The "lictype" parameter can be one of four values - generic, agent, cli or dashboard, corresponding to the license types in the RAP license being used.

Example:

curl --location --request GET 'https://myserver:5000/Tokens?lictype=generic' --header 'Authorization: Basic BASE64ENCODEDAUTH'

where BASE64ENCODEDAUTH is a Base64 encoding of the string Username:Password.

The successful response will contain everything the session needs, including a token to use with all queries on the secure '/api/v3/rap' segment.

{
    "status": "success",
    "data": {
        "serverVersion": "3.1.1.5692",
        "serverVersionInfo": "3.1.1+20220627.5692",
        "databaseVersion": "rapdb-3.1",
        "engineVersion": "0.0.1",
        "session": {
            "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IlN5c0FkbWluIiwibmFtZWlkIjoiNDkxN2ZmNGYtNDJjZC0xMWU3LWE0ZDYtMDAxNTVkMDk5NDFkIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc2lkIjoiZjQzNGY0YTgtMTRjNy0xMWVkLTkzMTQtMDAxNTVkMDE2NzBhIiwibHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9leHBpcmF0aW9uIjoiNjM3OTUzMDg4NTQwMDAwMDAwIiwibmJmIjoxNjU5NzA4NDU1LCJleHAiOjE2NTk3MTIwNTUsImlhdCI6MTY1OTcwODQ1NSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIn0.-cgOBLVO7Te-T4Qrql1LwZ580LbBeQdNHMEbSmGBtJY",
            "expires": 1659708455,
            "user": {
                "id": 1,
                "name": "SysAdmin",
                "lictype": "generic",
                "displayname": "Administrator",
                "uid": "4917ff4f-42cd-11e7-a4d6-00155d09941d",
                "email": "admin@mycompany.com",
                "uisettings": "{}",
                "memberships": [
                    {
                        "id": 1,
                        "groupName": "Administrators"
                    },
                    {
                        "id": 2,
                        "groupName": "Users"
                    }
                ]
            }
        },
        "rapConfig": {
            "defaultRobotLicense": "",
            "defaultMaxUploadSize": 209715200
        }
    }
}

Basic Authentication should not be considered secure: the credentials are only Base64-encoded, not encrypted. We highly recommend sending this request only over a secure SSL connection. The API server can easily be secured for SSL with a certificate and a reverse proxy such as nginx.

The token is valid for 60 minutes, for this URL only.

The token should be sent in the Authorization header, using the 'Bearer' scheme, in all subsequent API calls on the secure segment. For example, to obtain a list of processes:

curl --location --request GET 'https://myserver:5000/api/v3/rap/Processes' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IlN5c0FkbWluIiwibmFtZWlkIjoiNDkxN2ZmNGYtNDJjZC0xMWU3LWE0ZDYtMDAxNTVkMDk5NDFkIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc2lkIjoiZjQzNGY0YTgtMTRjNy0xMWVkLTkzMTQtMDAxNTVkMDE2NzBhIiwibHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9leHBpcmF0aW9uIjoiNjM3OTUzMDg4NTQwMDAwMDAwIiwibmJmIjoxNjU5NzA4NDU1LCJleHAiOjE2NTk3MTIwNTUsImlhdCI6MTY1OTcwODQ1NSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIn0.-cgOBLVO7Te-T4Qrql1LwZ580LbBeQdNHMEbSmGBtJY'

Logging Out

When a session is no longer needed, it should be released. In theory it can be left to time out on its own, but this uses up a session license unnecessarily, so it is best practice to release a session as soon as it is no longer required.

To release a session, send a DELETE request to the /Tokens endpoint (where the session was originally claimed) like this:

curl --location --request DELETE 'https://myserver:5000/Tokens' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IlN5c0FkbWluIiwibmFtZWlkIjoiNDkxN2ZmNGYtNDJjZC0xMWU3LWE0ZDYtMDAxNTVkMDk5NDFkIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc2lkIjoiZjQzNGY0YTgtMTRjNy0xMWVkLTkzMTQtMDAxNTVkMDE2NzBhIiwibHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9leHBpcmF0aW9uIjoiNjM3OTUzMDg4NTQwMDAwMDAwIiwibmJmIjoxNjU5NzA4NDU1LCJleHAiOjE2NTk3MTIwNTUsImlhdCI6MTY1OTcwODQ1NSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MTAwIn0.-cgOBLVO7Te-T4Qrql1LwZ580LbBeQdNHMEbSmGBtJY'
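
The session lifecycle described above (claim a token, use it on the secured segment, release it), as an added Python example that is not part of the RAP documentation. The RapSession class, its send parameter and the assumption that secured endpoints return JSON are hypothetical; it refuses non-HTTPS URLs and releases the session even when the calling code fails.

```python
import base64, json
import urllib.parse, urllib.request

LICENSE_TYPES = {"generic", "agent", "cli", "dashboard"}  # values listed on this page

def basic_header(username, password):
    """Build the Basic Auth header value: Base64 of 'Username:Password'."""
    raw = f"{username}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def _http(method, url, headers):
    """Default transport; returns the raw response body."""
    req = urllib.request.Request(url, method=method, headers=headers)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read()

class RapSession:
    """Hypothetical helper: claims a session on entry, always releases it on exit."""

    def __init__(self, base_url, username, password, lictype="generic", send=_http):
        if urllib.parse.urlsplit(base_url).scheme != "https":
            raise ValueError("refusing to send Basic credentials over a non-HTTPS URL")
        if lictype not in LICENSE_TYPES:
            raise ValueError(f"unknown lictype: {lictype!r}")
        self.base, self.lictype = base_url.rstrip("/"), lictype
        self._basic = basic_header(username, password)
        self._send = send  # injectable so the flow can be exercised offline
        self.token = None

    def __enter__(self):
        body = json.loads(self._send("GET", f"{self.base}/Tokens?lictype={self.lictype}",
                                     {"Authorization": self._basic}))
        if body.get("status") != "success":
            raise RuntimeError("token request was not successful")
        self.token = body["data"]["session"]["token"]
        self._basic = None  # the credential is not needed once a token is held
        return self

    def get(self, resource):
        """GET a resource on the secured segment (assumes a JSON response body)."""
        return json.loads(self._send("GET", f"{self.base}/api/v3/rap/{resource}",
                                     {"Authorization": f"Bearer {self.token}"}))

    def __exit__(self, exc_type, exc, tb):
        try:  # release the session license even if the caller's code raised
            self._send("DELETE", f"{self.base}/Tokens",
                       {"Authorization": f"Bearer {self.token}"})
        finally:
            self.token = None
```

Typical use is a with block around the calls, for example opening RapSession('https://myserver:5000', user, password) and calling get('Processes') inside it.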