Home
Vantage
Administrator Guide
Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
Administration
Teams
API keys
API authentication
Once you have the API key name and token from Vantage, you can define your API calls, including enabling authentication of a third-party application.

Vantage
- Introduction
  An overview of Vantage.
- Administrator Guide
  Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
  - Administration
    - Administration page
      The administration page lets a user with administrator privileges configure settings and do other tasks.
    - System
    - Teams
      - Organizations
        The Organizations page shows your organizations, which are logical subdivisions within your Vantage account.
      - Groups
        The Groups page shows all the user groups in your organization, and lets you create and configure groups.
      - Users
        The Users page shows all the users that have been assigned in Vantage.
      - API keys
        API keys in Vantage
        For third-party applications that integrate with Vantage, you must use API keys to authenticate them.
        API authentication
        Once you have the API key name and token from Vantage, you can define your API calls, including enabling authentication of a third-party application.
        Considerations when you connect multiple applications to Vantage
        It is important to choose the correct approach when you want to connect multiple applications to Vantage. In many cases, you can create a single user that all of your applications use to access Vantage. However, if you have several applications that perform different kinds of task, each application may need its own user dedicated to its exclusive use.
        API Keys
        The API Keys page shows a list of all the API keys for every organization in the account.
        Generate an API key
        Before you can use an API key, you must generate one.
        Revoke an API key
        Once an API key has been created, you cannot edit it. You can only revoke it.
        API authentication examples
    - Organization Settings
  - Migration
  - SAML integration
- User Guide
  Information about the main features of Vantage and the tasks that you can do from the user interface (UI).
- Print format documentation
  A list of all the print-format documentation that is available for Vantage.

API authentication

Once you have the API key name and token from Vantage, you can define your API calls, including enabling authentication of a third-party application.

To connect to Vantage through the application programming interface (API), your third-party application must provide the API key name and key token.

The dedicated authentication endpoint is api/v1/keys/sign_in. This endpoint is available at the same base uniform resource locator (URL) as the web user interface (UI). Assuming this base URL is VANTAGE_URL, the full authentication URL is https://VANTAGE_URL/api/v1/keys/sign_in.

When your third-party connects to Vantage, it must:

Pass the key name as the user name
Pass the key token as the password

When Vantage successfully authenticates the calling application, it returns a JSON web token (JWT). This token allows the application to connect for 30 minutes. After 30 minutes, the JWT expires. When your application attempts its next transaction, Vantage returns a 401 error (Unauthorized). To continue to interact with Vantage, your application must pass the key name and key token to re-authenticate. Vantage generates a new JWT that allows your application to interact through the API for the next 30 minutes.

This security precaution means that your calling application must re-authenticate with Vantage in respond to a 401 error.

When you need to define API calls, refer to the documentation for your third-party application that you want to perform actions in Vantage.