A new authentication method is now available in Link. We call it Personal Access Tokens.
These tokens can be used to gain access to different Link API’s (like the existing OAuth2 authentication):
Generic Http Handler
A personal access token is created directly to a user-account in Link - and therefor it will give access to whatever permissions that are linked to that user.
Typically specific service-accounts will be created for this API purpose - and the service-accounts should not be able to log into the Link UI.
How to use the PAT
The use of the PAT is more simple than the Oauth2 flow. The Link API’s will expect the token to be provided via the Basic Authentication scheme (https://en.wikipedia.org/wiki/Basic_access_authentication )
The username of the Basic Authentication header must be empty - and the PAT must be provided as the password (the same way Microsoft gives access to their Azure Devops API: https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows - see the “Use a PAT” section).