Authentication for the Application Management REST API

To use the Application Management REST API, you must establish a user session by requesting an authentication token. The authentication token can then be used in all future requests during the user’s session to make requests to the API. This page outlines authentication prerequisites, how to get an authentication token, and how to end a user session.


  • Credentials for an active Platform user
  • Tenant or Developer Team alias you want to connect to the Platform through. An individual Apprenda User account can be part of multiple Tenants/Development Teams, so is necessary to specify the Tenant/Development Team under which you would like to establish a session. Use the Application Management REST API to find out your tenatAlias/devTeamAlias
  • An active subscription to the Developer Portal for the Apprenda Platform instance assigned to your user. Contact your Account Administrator if you have questions about your subscription status. Read more about Developer Portal subscriptions.

Authentication URL

Platform Operators can make a REST call from any client to the JSON authentication URL for their target Apprenda instance. In the URL below, your Apprenda environment URL for the cloud you wish to connect to should replace CloudURI. See more information about where to find your CloudURI.


Establishing a User Session

To get an authentication token, make a POST request with your username, password, and tenantAlias (or developerTeamAlias) JSON-formatted in the body of the request.

The example below illustrates making an authentication request. The example assumes a CloudURI of “http://apps.apprenda.harp” and specifies “Content-Type: application/json” in the request header.

Example Request

Verb: POST

Request URL: https://apps.apprenda.harp/authentication/api/v1/sessions/developer

Request Body

"username": "",
"password": "password",
"tenantAlias": "devteam1"

If your request is successful, the Platform will return a JSON object with your ApprendaSessionToken. This token must be passed with any future requests you make during this session. It can be passed in POST or PUT requests as JSON in the body of the request, or as an HTTP header called ApprendaSessionToken (not case sensitive).

Successful Response


User Sessions

Once created, users can make requests to the Application Management REST API until the user session expires or is terminated. The length of a user session is configured by a Platform-wide default registry setting set by the Platform Administrator in the Platform Registry page of the SOC. It is recommended that you terminate your user session when you are finished making calls to the REST API.

Terminating a User Session

Terminate a User session by sending a DELETE request that specifies the Apprenda Session Token for the to-be-terminated session.


Replace CloudURI in the example above wiht your Platform’s Cloud URL. The example above assumes a CloudURI of “http://apps.apprenda.harp” and the Apprenda Session Token returned by the sample POST request above.

Example Request



Getting the Tenants a User Belongs to

You can use the REST API to get a list of Tenants or Development Teams you belong and that has a subscription to the Developer Portal.

The example below assumes a CloudURI of “http://apps.apprenda.harp”.

Example Request

Verb: GET

URL: https://apps.apprenda.harp/authentication/api/v1/sessions/developer/tenants?

Sample Response

"tenants": [