Get started
Authentication
To use the CI/CD Manager API, you need to authenticate with an access token:
- For user-service interactions, copy your user access token directly from Cloud Console.
- For service-to-service interactions, use your client credentials to get a token with specific scopes.
If you don't have an OKTA client, submit a ticket in Guidewire Community.
User access token
To authenticate with a user access token, you must be in the {tenant}.dev.{project}.all.gcc.ciconfigmanagers
user group.
An access token expires after 60 minutes.
You can get an access token directly from Cloud Console:
-
Log in to Cloud Console.
-
Select your profile.
-
Select Copy access token.
This action copies an access token to your clipboard.
Access token with supported scopes
The CI/CD Manager API supports the following scopes:
Scope | Description |
---|---|
cicd.insurerconfig.read | Get a CI/CD configuration for an application. |
cicd.insurerconfig.write | Update a CI/CD configuration for an application. |
cicd.metadata.read | List all the applications for a star system. |
cicd.schedules.read | Get a schedule configuration. List all the schedules for an application. List all the schedules for a star system. |
cicd.schedules.write | Create, update, and delete a schedule for an application. |
cicd.postdeploymenttests.read | Get the definition of a post-deployment test. List all the post-deployment tests for a star system. |
cicd.postdeploymenttests.write | Create, update, and delete a post-deployment test. |
cicd.qualitygates.read | Get the definition of a quality gate. List all the quality gates for a stage. List all the verifications for an artifact. |
cicd.qualitygates.write | Create, update, and delete quality gates and verifications. |
To get an access token with scopes, you must authenticate with Guidewire Hub using your client ID and client secret.
Send the following POST request:
curl -s --location --request POST $GWHUB_URL \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=tenant.{tenantId} project.{projectId} $SCOPES" \
--data-urlencode "client_id=$GWHUB_CLIENT_ID" \
--data-urlencode "client_secret=$GWHUB_CLIENT_SECRET" | jq -r '.access_token'
Where:
-
$GWHUB_URL
depends on your region. Use one of the following:Region URL AMER https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token
CANADA https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token
EMEA https://guidewire-hub-eu.okta.com/oauth2/ausc2q01c40dNZII0416/v1/token
APAC https://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token
JAPAN https://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token
-
$SCOPES
is a list with at least one supported scope, separated by white spaces.Example:
cicd.insurerconfig.read cicd.postdeploymenttests.write
.
The response contains a JSON object with the requested access token:
{
"token_type": "Bearer",
"expires_in": 3600,
"access_token": "xxxxxxxx",
"scope": "scope=cicd.insurerconfig.read tenant.{tenantId} project.{projectId}"
}
Make an authorized call
To authorize the API requests, add the obtained access token to an Authorization header:
Authorization: Bearer {access_token}
For example:
curl -s --location --request GET "$CICD_MANAGER_URL" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"
Base URLs
Depending on your region, use one of the following base URLs:
Region | URL |
---|---|
AMER | https://cicd-manager-service.api.orange.guidewire.net |
CANADA | https://cicd-manager-service.api.omega2-butterfly.guidewire.net/ |
EMEA | https://cicd-manager-service.api.omega2-cartwheel.guidewire.net |
APAC | https://cicd-manager-service.api.omega2-circinus.guidewire.net |
JAPAN | https://cicd-manager-service.api.omega2-milkyway.guidewire.net/ |
When the documentation refers to {baseUrl}
, replace it with the correct URL for your region.
Was this page helpful?