curl --request GET \ --url 'https://softwaresolutions.mantishub.io/api/rest/issues?filter_id=unassigned' \ --header 'Authorization:h58meqhpRzLfnGRf6Pu8FA8thjWGvBFd'
At MantisHub we have been working for a while on the new modern REST API for remotely accessing MantisHub data and configuration. We now feel that we have enough coverage of MantisHub functionality to encourage our users to switch to it. The API can provide a great way to integrate MantisHub into your build system, IDEs, test management systems, other SaaS applications, or your own applications.
Tools for using the API
Similar to what you expect from any REST API, you should be able to easily leverage it from your preferred language and platform. You can get the documentation for the API from our API documentation. The API is published via Postman API network enabling you to easily download Postman definitions for the API and start hacking away. If you don’t already have Postman, you can download it from Postman website. For command line access to MantisHub, we developed PowerShell module which can be used from Windows, Mac or Linux. You can also use curl which is available by default for Mac and Linux.
For accessing the API you will need to authenticate, and for this you will need to generate a secure API token from within your MantisHub rather than passing username password. Instructions for generating a token can be found in our KB article here. Remember to record your generated token since it will only be displayed on generation and once you exit out you won’t be able to get it again. You should, of course, have separate tokens for each of your integrations which provides you with the ability to manage each integration independently and associate such integrations with appropriate users or system accounts in your system (e.g. a build user account).
Individual users, as well as administrators, can generate tokens so make sure the user has access to the functionality needed for the integration. For example, if a token is generated for user Bob who is a reporter for Project X and you run an API call using the token to update an existing issue or delete it, the call will fail. The only time you won’t need a token is if you have anonymous access enabled for your MantisHub and the integration only requires read-only access.
API endpoint and Resources
The Endpoint for your API will be
Following are examples of API capabilities around entities defined in MantisHub:
- Issues – Retrieve one issue, retrieve issues matching a filter, create, delete or update issues, add notes, tags, relationships, attachments, etc.
- Projects – Get a full list of all projects accessible to logged in user along with project specific configuration like categories, versions, custom fields, etc.
- Filters – Retrieve all filters definitions, a single filter definition, or delete filters.
- Users – Create or delete users or retrieve your user information.
- Configuration – Retrieve one or many configuration options.
- Localized Strings – Retrieve one or many Local Strings.
The API library is still growing so be sure to refer to the documentation for the most up-to-date API definitions.
MantisHub has a wide range of features and customizations that allow you to get the cover most of your software bug tracking and general issue tracking needs. We also provide a number of plugins and integrations including chat apps Slack and Hipchat, Source control integrations with GitHub and Bitbucket, JetBrains, TestLodge for test case management and more. And now with the REST API… your options just got even bigger!
**MantisHub’s previously supported SOAP API is now on the deprecation path in favor of the REST API.
API tokens provide users with more control, convenience, visibility and security when providing other services and apps access to their MantisHub.
Here are some of the benefits of API tokens compared to use of passwords:
- Tokens are 32 characters long and cryptographically secure, hence, they are much more secure than user passwords.
- Tokens are generated by MantisHub, hence, they are not going to be shared passwords with any other internet services that the users use.
- Users have visibility on when each token was last used to access MantisHub.
- Users can revoke one of the tokens without impacting others. Hence, can selectively deny access to specific services.
- Users can change their passwords without affecting the validity of the API tokens.
Users can generate API tokens via their My Account – API tokens. The tokens are only displayed once and should be used for one integration. The tokens can be passed in the password field when calling the MantisHub SOAP APIs. Note that it can’t be used to login via the MantisHub login page.