Forum Discussion

mray's avatar
mray
Icon for LM Conqueror rankLM Conqueror
6 months ago

Accessing the LogicMonitor REST API with Postman and Bearer Token Authentication

This is a follow-up to the classic Kurt_Huffman post: Accessing the LogicMonitor REST API with Postman and LMv1 API Token Authentication | LogicMonitor - 5143  That post is still a treasure trove o...
postman
Anonymous's avatar
Anonymous

Oh, I got it to work.

  1. In Postman, click Import and paste https://www.logicmonitor.com/swagger-ui-master/api-v3/dist/swagger.json. This should start the import process. 
  2. Before clicking the import button, click the gear to view import settings. 
  3. Make sure "Always inherit authentication" is checked on.
  4. Go to the collection root and select the auth tab.
  5. Change the auth type to "Bearer Token" and put {{bearer}} as the token.
  6. Go to the scripts tab and add this to the pre-request script: pm.request.headers.add({key: 'X-Version', value: '3'})
  7. Save the collection.
  8. Build the environment from mray's instructions above, except don't insert the word "bearer" in front of the token.

 

The swagger collection comes with all optional query parameters enabled on each request, so you'll need to turn those off for each request or you'll get an error response with something like "invalid filter". I don't know if postman's import settings can change this.

mray's avatar
mray
Icon for LM Conqueror rankLM Conqueror
4 months ago

Nice! 🔥

And yeah the bear auth type is a good alternative for sure. Prob the "more official" way tbh. The only upside of my method of including "bearer" in the standard auth header is that you could swap between bear and LMv1 tokens more seamlessly. Could just be helpful for Support folks or people making the transition away from LMv1 tokens.

  • Anonymous's avatar
    Anonymous
    4 months ago

    Yeah, i get that. I chose bearer auth for the more postmanic way of doing it and because setting up the swagger collection like this with LMv1 tokens would require more work (which is why i didn't do it before). The pre-request script would have to detect which type of auth your environment is using and switch between them.

    I think steps 2-6 could be omitted if LM were willing to change that config in the source and republish. Since the json being imported is specific to v3 of the API, hardcoding that in shouldn't be an issue. That would make using postman a 3 step process: 1) import, 2) build your environment, 3) start making calls.