Using Mantis for authentication?

General discussion of Mantis.

Moderators: Developer, Contributor

Post Reply
bodom
Posts: 5
Joined: 01 Feb 2017, 07:39

Using Mantis for authentication?

Post by bodom »

Hi there!

i am building a new app using the Mantis API. If i manage to complete it, i will release it as open source, just in case anybody is interested.

To access the API, an user needs to go to Mantis first and then create a Token, which is not an optimal solution for me.

I see the API has a `/api/rest/users/me/token` endpoint, yet I still need to already have a token to create a new token :)

Is there a way to call the API using username and password or any alternative method who can let my app autogenerate tokens?
vboctor
Site Admin
Posts: 1304
Joined: 13 Feb 2005, 22:11
Location: Redmond, Washington
Contact:

Re: Using Mantis for authentication?

Post by vboctor »

There is no way to use the username/password in the REST API.

A couple of questions for context:
1. What kind of app are you building? i.e. what kind of functionality does it offer?
2. Is it a web app or native app (e.g. Windows, Mac, iOS, Android).
Migrate your MantisBT to the MantisHub Cloud
bodom
Posts: 5
Joined: 01 Feb 2017, 07:39

Re: Using Mantis for authentication?

Post by bodom »

Thank for reply! I'm using tokens so far, maybe i'll implement some "automatic token creation" page in future then.

I'm developing an alternative web fronted for Mantis (similar to Taskodrome but standalone): the builtin one is fully featured, but i need something more modern and quickly accessible for everyday use.
kaivatony
Posts: 1
Joined: 11 Jun 2025, 07:37

Re: Using Mantis for authentication?

Post by kaivatony »

You're right — the current API flow in MantisBT requires a personal access token for authentication, and there's no built-in endpoint to generate one using just a username/password combo.

One workaround is to manually create a token through the UI the first time, then store and use it in your app securely.

Alternatively, if you control the Mantis instance, you could extend the REST API to support basic auth (though it's not recommended for production), or create a custom endpoint that handles token generation securely.

Looking forward to your open-source release — sounds like a useful project!
Hello, I'm Tony Kaiva.
Post Reply