FogBugz XML API: Logging On


Follow

Overview

Only Admin and Normal users without 2FA enabled are able to generate valid tokens using the API. Generating tokens in the UI is the recommended approach.

Step-By-Step Guide

  • FogBugz itself supports several methods of logging on; however, the only method supported by the API is by providing an email address (or full name, just like FogBugz sign-in) and password in the logon method:
http://www.example.com/api.asp?cmd=logon&email=xxx@example.com&password=BigMac
  • Successful logon – you get back an opaque string token which you will use for all subsequent requests. This token will persist until you execute a logoff command. Token reuse is encouraged over issuing repeat logon commands.
<response><token>24dsg34lok43un23</token></response>
  • Ambiguous logon – there is more than one FogBugz user with that email address. FogBugz will supply you with a list of full names; you must provide the appropriate full name to log on
<response>
     <error code="2">Ambiguous Logon</error>
     <people>
               <person>John Hancock</person>
               <person>Fred Astaire</person>
     </people>
  </response>
  • If, for example, you get that response, you would prompt the user with a combo box to choose if they are John Hancock or Fred Astaire. If they are John, you would try logging on again with this URL:
http://www.example.com/api.asp?cmd=logon&email=John%20Hancock&password=BigMac
  • To check the validity of an existing token, pass the token to the logon command:
http://www.example.com/api.asp?cmd=logon&token=[your_token]
  • If your token is valid, you will receive:
<response><token>[your_token]</token></response>

For more information, refer to the complete XML API documentation for FogBugz.