Visualize Plutora’s API With Swagger

Administrators can increase the security of external APIs for each site (subdomain) by whitelisting single IP addresses or IP address ranges. External API requests that come from an IP that isn’t on the whitelist will receive an Authorization has been denied for this request error message.

Swagger provides users with interactive documentation so they can visualize and test the API of the various modules of Plutora.

Swagger can be used with or without a token:

  • Without a token: Users can view code samples.
  • With a token: Users can view code samples and also use the API.

You can also download the Plutora REST API Primer v1.4.1 and Github sample scripts and see API User Stories.

Please update your scripts. The GET [Entity] JSON response will be updated in early April 2019. The new JSON response and a maximum of 100 records per page will only be returned if pageNum is used. This will allow current scripts to be used until the new JSON response becomes the default in May or June 2019.

To use Swagger with a token:

1a. Enable API in Plutora’s API Customization and generate a client_id and client_secret

API requests have a rate of throttling per API key to 26,000 requests per hour.

To enable API:

  1. Go to Settings > Customization > Integration.
  2. Click API.
  3. Click to select the Enabled checkbox.
  4. Click Generate New Client Credentials.
  5. Copy and save the client_ID and client_secret.
    API Customization with arrows


1b. Enable API in Plutora Test’s (Stryka’s) API Customization and generate a client_id and client_secret

Administrators need the Enable/Disable APIs user permission to enable Plutora Test’s API and generate new API keys.

To enable the API of Plutora Test (Stryka) and generate API keys:

  1. Click Settings.
  2. Click the Integrations tab.
  3. Click API.
    Plutora Test API Sept 8 2017
  4. Click to select the Toggle to enable/disable API access checkbox. The API Status will change to Enabled.
  5. Click Generate New API Keys.
  6. Copy and save the API Client ID and API Client Secret.



2. Download and install Postman app

To download and install the Postman app:

  1. Go to
  2. Click the Download button for your platform. (Mac, Windows, or Linux.)
  3. Install Postman app:
    1. For Windows:
      1. Click the downloaded file to run the installer.
      2. Follow the prompts.
    2. For Mac:
      1. Double click to open the downloaded zip file.
      2. Drag the Postman app into your Applications folder.
    3. For Linux:
      1. Follow these instructions:


3. Retrieve a Token from the Authorization Server

Tokens expire in 23 hours. After 23 hours, please create another token.

To use Postman app to retrieve a token from the authorization server:

  1. Click to open Postman app.
    Postman app
  2. Click Create basic request.
  3. Save your request by:
    1. Typing a Request name and Request description.
    2. Selecting a Collection.
    3. Clicking Save.
  4. Select Post from the Get drop-down menu.
  5. Select OAuth 2.0 from the Type drop-down menu under the Authorization tab.

    Plutora API does not allow No Auth. 
  6. Type the Request URL into the Enter request URL field.

    The Request URL for all of Plutora’s modules (including Stryka or Plutora Test) is:
    https://[Country code: us, uk, au]
    For example, US customers would type:
  7. Click the Body tab.
  8. Click to select the x-www-form-urlencoded radio button.
  9. Click the Key field and type or paste client_id.

  10. Click the Value field and paste in the client_id generated in step 1.
  11. Continue until you have added all the keys and values in the table below.
Key Value
client_id Paste the client_id generated from Plutora or Plutora Test (Stryka).
client_secret Paste the client_secret generated from Plutora or Plutora Test (Stryka).
grant_type Type “password”. (The actual word “password”, not your Plutora password.)
username Type the email address you use to log into Plutora or Plutora Test (Stryka).
password Type the password you use to log into Plutora or Plutora Test (Stryka).

Your screen should look like this:

  1. Click Send.
    After a few seconds of loading, the access token should appear.
    If using credentials from Plutora Test (Stryka) you may need to click Send a second time.

    Access token with arrows
  2. Copy and save the access token without the double quotes.


4. Add the token to Swagger

To add the token to Swagger:

      1. Open your country’s API in your browser:
      2. Type “bearer [[token]]” where [[token]] is the token you just obtained from Postman, minus the [[]].
        Bearer token location red rectangle
      3. Click Explore.


5a. Test Swagger for Plutora

Test Swagger by bringing up a Change from its ID:

      1. Get the Change ID:
        1. Click GET /changes.
        2. Select application/json from the Response Content Type drop-down menu (if it hasn’t been select already).
        3. Click Try it out!
        4. Select and copy a Change ID.
          Select and copy a Change ID
      2. Bring up the Change by its ID:
        1. Click GET /changes/{id}.
        2. Select application/json from the Response Content Type drop-down menu (if it hasn’t been selected already).
        3. Paste the Change ID into Value.
          Get Changes ID Swagger
        4. Click Try it out!
          Change ID result


5b. Test Swagger for Plutora Test (Stryka)

Test Swagger by bringing up a Defect from its ID and updating its Name and Description:

      1. Get the Defect ID:
        1. Click Defects.
          Get Defects Swagger
        2. Click POST /defects/Search.
        3. Select application/json from the Response Content Type drop-down menu (if it hasn’t been selected already).
          Swagger defects search
        4. Paste the following code into filter.
          This code will bring up a page containing 25 Defects.

        5. Click Try it out!
        6. Copy a Defect ID.
      2. Change the name and description of the Defect:
        1. Click PATCH /defects/{id}.
        2. Paste the Defect ID into the id field.
          Patch defect id
        3. Paste the following code into the defectDelta field.
          This code will change the Defect’s Title to Swagger Example 111 and its Description to “This description was changed with the help of Swagger.” 

          "Name": "Swagger Example 111",
          "Description":"This description was changed with the help of Swagger."
        4. Click Try it out!


6. How to get stackLayerID, stackLayer, and stackLayerType

In Plutora’s user interface, stackLayerID, stackLayer, and stackLayerType can be found in Stack Layer Customization.

In Swagger, stackLayerID, stackLayer, and stackLayerType can be viewed in the Hosts resource.


7. Business Logic Notes for Plutora Swagger

For POST /releases the following business logic applies:

      • The Implementation Date can be in the past, present, or future.
      • The Release Status must not be in an End State.
      • Project and Independent Releases, but not Enterprise Releases, can be POSTed to.


Back to the top arrow

Be the first to find out about new features. Subscribe to the Release Notes email. Subscribe Now

Was this article helpful?

6 found this helpful.