Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
128
Views
1
Helpful
0
Comments

API Authentication for CWM 2.0

Fredrik Bjuhr
Level 1
Level 1

on ‎09-25-2025 10:35 AM

CWM 2.0 introduces a new authentication mechanism for its APIs. This guide will walk you through the process of setting up authentication for testing purposes. While the examples use Python, the same concepts apply to other programming languages.

Step 1: Obtain a Ticket Granting Ticket (TGT):

First, request a Ticket Granting Ticket (TGT) by sending a POST request to the tickets endpoint with your username and password. Make sure to include the correct headers and payload:

 

cwm_base_url = 'https://10.53.59.20:30603/'  # Replace with your CWM base URL
request_header = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'}
ticket_url = f'{cwm_base_url}/crosswork/sso/v1/tickets'
payload = {'username': username, 'password': password}
ticket_res = requests.post(ticket_url, headers=request_header, data=payload)
ticket = ticket_res.text.strip()

 

Step 2: Exchange the TGT for a JWT Service Ticket

 

Once you have the TGT, use it to request a JWT Service Ticket. This ticket will allow you to access the CWM APIs. Send a POST request to the appropriate endpoint, including the TGT and service information: 

 

cwm_base_url = 'https://10.53.59.20:30603/'  # Replace with your CWM base URL
request_header = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'}
jwt_ticket_url = f'{cwm_base_url}/crosswork/sso/v1/tickets/{ticket}'
token_payload = f'service={cwm_base_url}app-dashboard&tgt={ticket}'
jsw_ticket_res = requests.post(jwt_ticket_url, headers=request_header, data=token_payload)
jwt_ticket = jsw_ticket_res.text

 

Step 3: Authenticate API Requests Using the JWT Service Ticket

With the JWT Service Ticket, you can now authenticate your API requests. Include the ticket in the Authorization header as a Bearer token:

 

cwm_base_url = 'https://10.53.59.20:30603/'  # Replace with your CWM base URL
request_header = {'Content-type': 'application/json', 'Accept': 'application/json', 'Authorization': f'Bearer {jwt_ticket}'}
api_url = f'{cwm_base_url}/crosswork/cwm/v2/job'
response = requests.get(api_url, headers=request_header)

 

This process enables secure access to the CWM 2.0 APIs for testing or integration purposes.

 

 

Labels:
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community:

Quick Links
Discussions
Customers Also Viewed These Support Documents