Skip to main content

Get started

Authentication

To use the Repository Settings API, you need to authenticate with an access token:

  • For user-service interactions, copy your user access token directly from a given application in Guidewire Home or Cloud Console.
  • For service-to-service interactions, use your client credentials to get a token with specific scopes.

User access token

To authenticate with a user access token, you must be in the {tenant}.dev.{project}.all.gcc.ciconfigmanagers user group.

note

An access token expires after 60 minutes.

You can get an access token directly from Guidewire Home or Cloud Console:

  1. Log in to Guidewire Home or Cloud Console.

    In Guidewire Home, from Apps, select Repository Settings or select it from your pinned apps.

  2. Select your profile.

  3. Select Copy access token.

    This action copies an access token to your clipboard.

    Copy an access token in Cloud Console.


Access token with scopes

The Repository Settings API supports the following scopes:

ScopeDescription
scms.repositories.readList all active repositories in a star system.
scms.branchutils.readGet branch configuration for a repository.
scms.branchutils.writeModify branch configuration for a repository.
scms.defaultreviewers.readList all conditions configured for a repository.
scms.defaultreviewers.writeCreate, update, and delete conditions.
scms.mergechecks.readGet a merge check configuration.
scms.mergechecks.writeUpdate and remove merge check configuration.
scms.branchpermissions.readList all branch restrictions for a repository.
scms.branchpermissions.writeCreate, update, and delete branch restrictions.

To get an access token with scopes, you must authenticate with Guidewire Hub using your client ID and client secret.

Send the following POST request:

curl -s --location --request POST $GWHUB_URL \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=scms.mergechecks.read tenant.{tenantId} project.{projectId}" \
--data-urlencode "client_id=$GWHUB_CLIENT_ID" \
--data-urlencode "client_secret=$GWHUB_CLIENT_SECRET" | jq -r '.access_token'

Where:

  • GWHUB_URL depends on your region. Use one of the following:

    RegionURL
    AMERhttps://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token
    CANADAhttps://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token
    EMEAhttps://guidewire-hub-eu.okta.com/oauth2/ausc2q01c40dNZII0416/v1/token
    APAChttps://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token
    JAPANhttps://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token
  • scope must include tenant.{tenantId}, project.{projectId}, and at least one of the supported scopes.

The response contains a JSON object with the requested access token:

Example response
{
"token_type": "Bearer",
"expires_in": 3600,
"access_token": "xxxxxxxx",
"scope": "scope=scms.mergechecks.read tenant.{tenantId} project.{projectId}"
}

Make an authorized call

To authorize the API requests, add the obtained access token to an Authorization header:

Authorization: Bearer {access_token}

For example:

curl -s --location --request GET "$REPOSITORY_SETTINGS_URL" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"

Base URLs

Depending on your region, use one of the following base URLs:

RegionURL
AMERhttps://scmservice.api.omega2-andromeda.guidewire.net
CANADAhttps://scmservice.api.omega2-butterfly.guidewire.net
EMEAhttps://scmservice.api.omega2-cartwheel.guidewire.net
APAChttps://scmservice.api.omega2-circinus.guidewire.net
JAPANhttps://scmservice.api.omega2-milkyway.guidewire.net

When the documentation refers to {baseUrl}, replace it with the correct URL for your region.

Legal and support information

Published: December 3, 2024 at 9:55 AM

© 2024 Guidewire Software, Inc.