Using Mantis for authentication?

[bodom]

Hi there!

i am building a new app using the Mantis API. If i manage to complete it, i will release it as open source, just in case anybody is interested.

To access the API, an user needs to go to Mantis first and then create a Token, which is not an optimal solution for me.

I see the API has a `/api/rest/users/me/token` endpoint, yet I still need to already have a token to create a new token

Is there a way to call the API using username and password or any alternative method who can let my app autogenerate tokens?

[vboctor]

There is no way to use the username/password in the REST API.

A couple of questions for context:
1. What kind of app are you building? i.e. what kind of functionality does it offer?
2. Is it a web app or native app (e.g. Windows, Mac, iOS, Android).

[bodom]

Thank for reply! I'm using tokens so far, maybe i'll implement some "automatic token creation" page in future then.

I'm developing an alternative web fronted for Mantis (similar to Taskodrome but standalone): the builtin one is fully featured, but i need something more modern and quickly accessible for everyday use.

[kaivatony]

You're right — the current API flow in MantisBT requires a personal access token for authentication, and there's no built-in endpoint to generate one using just a username/password combo.

One workaround is to manually create a token through the UI the first time, then store and use it in your app securely.

Alternatively, if you control the Mantis instance, you could extend the REST API to support basic auth (though it's not recommended for production), or create a custom endpoint that handles token generation securely.

Looking forward to your open-source release — sounds like a useful project!