FogBugz XML API: Logging On



Only Admin and Normal users without 2FA enabled are able to generate valid tokens using the API. Generating tokens in the UI is the recommended approach.

Step-By-Step Guide

  • FogBugz itself supports several methods of logging on; however, the only method supported by the API is by providing an email address (or full name, just like FogBugz sign-in) and password in the logon method:
  • Successful logon – you get back an opaque string token which you will use for all subsequent requests. This token will persist until you execute a logoff command. Token reuse is encouraged over issuing repeat logon commands.
  • Ambiguous logon – there is more than one FogBugz user with that email address. FogBugz will supply you with a list of full names; you must provide the appropriate full name to log on
     <error code="2">Ambiguous Logon</error>
               <person>John Hancock</person>
               <person>Fred Astaire</person>
  • If, for example, you get that response, you would prompt the user with a combo box to choose if they are John Hancock or Fred Astaire. If they are John, you would try logging on again with this URL:
  • To check the validity of an existing token, pass the token to the logon command:[your_token]
  • If your token is valid, you will receive:

For more information, refer to the complete XML API documentation for FogBugz.