Securing an API Access Token
Regular users of Brainstorm do not have the ability to provision their own API keys. Only network administrators of your Brainstorm instance has the ability to provision API keys.
As a Brainstorm administrator, you can navigate to the Network Settings page to create an API key. You can use this tool to email developers interested in developing against the Brainstorm API.
Note: those that have access to an API key for your instance of Brainstorm can access your organization's sensitive information. Make sure you only provide API access information to email addresses that have permission to access your data.
You can access this module in your network settings page
Using the API token to authenticate requests
All API endpoints in Brainstorm require passing the appkey and the appsecret, base64 encoded, in the HTTP
Authorization header. The value of the header should be
Basic base64($appkey$:$appsecret$). Here is a snippet of
how you would assemble the value of the Authorization header in C#:
string str = apiKey + ":" + apiSecret; byte bytes = Encoding.ASCII.GetBytes(str); string base64Encoded = Convert.ToBase64String(bytes); return "Basic " + base64Encoded;
Executing API requests from the command line
One can use the linux command curl to execute HTTP requests against the API as a means to verify your API calls. Use the -u command line option to specify the apikey and apisecret. NOTE: curl will automatically base64 encode your value, so you can simply execute the command like this:
curl https://YourCompany.intuitbrainstorm.com/api/idea/details/1 -u [apikey]:[apisecret]
Substitute the [apikey] and [apisecret] with your credentials, and replace "YourCompany" with your company's Brainstorm subdomain.