CA Agile Central Application Manager

CA Agile Central Application Manager provides a set of authentication features for API and app developers and users.

Access CA Agile Central Application Manager

To access the CA Agile Central Application Manager, login with your CA Agile Central username and password at the following URL: https://rally1.rallydev.com/login.

There are three tabs at the top of the page—Authorized Applications, API Keys, and OAuth Clients.

API Keys

Previously, a LoginKey was needed to collect and display CA Agile Central data in other systems, such as Confluence. This method also required a seat license to provide a user and password combination.

The API Keys page allows you to create keys that can be used to access your subscription data without using your username and password. However, any application using the API Key you generated will have access and be tracked as if you logged in with your username and password. API Keys do not require an additional CA Agile Central license because they are an extension of your own user license.

API Keys are strings that authenticate a user when accessing the CA Agile Central Web Services API. However, unlike a session token, the API Key does not expire. API Keys obey the permissions of the user that generated them—like using that user’s credentials. Keys are valid as long as the user desires, and can be deleted or reset. API keys will not authenticate if the username or password has expired.

Subscription administrators may view, delete, and reset all active keys in a subscription from the API Keys page.

Note: If API Keys are disabled at the subscription level, a user trying to set up a new API Key or edit an existing API Key will see an error message that states: API Keys are disabled. Please contact your Subscription Administrator to enable this functionality.

If API Keys are disabled:
  • The only action available on the API Key page is the ability to delete an existing API Key.
  • Existing keys will not work and will return a 401 error message.

To create a new key:

  1. Click the Create New API Key link.
  2. Enter a name or description for the key in the Description field.
  3. Select the read-only or full access option from the Grant section.
  4. Click Create.

Your key is created and you can edit or delete the key as needed.

OAuth Clients

The OAuth Clients page lets you integrate your external web app using CA Agile Central’s OAuth server. ADD OAuth clients to the page by clicking Create New Client, then enter the Application Name and Callback URL. Follow the standard OAuth2 workflow to obtain an access token. An explanation of the workflow and sample apps can be found on GitHub.

OAuth credentials display for each of the applications below that you have created. If the application is no longer operational, or the credentials have been compromised, delete the client or reset the client secret.

Authorized applications

This page lists the status of any standard or custom OAuth applications that you have authorized on your account.

These applications are authorized to access and retrieve data from your CA Agile Central account. Access can be revoked from this page. A revoked application can be re-enabled by entering your CA Agile Central credentials in the revoked application.

Currently, Flowdock is the only available standard integration.

Work Item connector APIKey Support

Single-Sign On Work Item connector users can authenticate using APIKeys rather than basic authentication. Credentials used for Work Item connectors are encrypted, not encoded. These features increase security and simplify the use of APIKeys with your entire CA Agile Central subscription.

Subscription administrators can enable or disable APIKeys for their entire subscription through the Admin Capabilities window that can be accessed using the Edit Subscription action.

If the APIKeys Enabled box is checked, all members of that subscription will be able to create and use APIKeys for authenticating with Work Item connectors.

Work Item connector APIKeys includes the following benefits:

  • You can use Work Item connectors (JIRA, HPQC, Microsoft TFS, Bugzilla) with APIKey Authentication rather than basic authentication.
  • You can enable and disable APIKeys from a single location for your entire subscription, allowing you to easily ensure that your subscription setup is aligned with your company’s policy for APIKey usage.
  • Subscription administrators do not need to whitelist Work Item connector users.

Work Item connector APIKeys limitations:

  • APIKeys are not supported in the sandbox environment.
  • APIKeys are not supported in non-Work Item connectors.
  • APIKeys are not supported for On-Premises installations.

Feedback

Need more help? The CA Agile Central Community is your one-stop shop for self-service and support. To submit feedback or cases to CA Agile Central Support, find answers, and collaborate with others, please join us in the CA Agile Central Community.