SolarWinds API Token
Complete guide to generating and managing your SolarWinds Service Desk API token for Alert Bridge.
What is an API Token?
An API token is a secure authentication credential that allows Alert Bridge to:
- ✅ Create incidents in SolarWinds
- ✅ Update existing incidents
- ✅ Add comments to incidents
- ✅ Resolve incidents when alerts clear
Generating a Token
Step 1: Log into SolarWinds
- Go to your SolarWinds Service Desk URL
- Log in with administrator credentials
Step 2: Navigate to API Settings
Option A: Modern Interface
- Click your profile (top-right)
- Select “Developer” or “API”
- Click “Tokens” or “API Access”
Option B: Classic Interface
- Go to Setup → Account
- Find “API Tokens” or “Integrations”
- Click “Generate New Token”
Step 3: Create Token
- Click “Generate New Token” or “Create Token”
- Name: Cynteo Alert Bridge
- Description: Azure Monitor integration
- Permissions: Select required permissions (see below)
- Click “Generate” or “Create”
Step 4: Copy Token
⚠️ Important: Copy the token NOW - you won’t see it again!
Bearer eyJ0eXAiOiJKV1QiLCJhbGc...
Store securely in:
- Azure Key Vault (recommended)
- Password manager
- Secure note
Required Permissions
The API token needs these permissions:
| Permission | Required | Purpose |
|---|---|---|
| Read Incidents | ✅ Yes | Check for existing incidents (dedup) |
| Create Incidents | ✅ Yes | Create new incidents from alerts |
| Update Incidents | ✅ Yes | Update incidents when alerts fire again |
| Add Comments | ✅ Yes | Add alert updates as comments |
| Resolve Incidents | ⚠️ Optional | Auto-resolve when alerts clear |
| Delete Incidents | ❌ No | Not required (security best practice) |
| Manage Users | ❌ No | Not required |
| Admin Access | ❌ No | Not required |
Minimal Permissions
For maximum security, only grant:
- incidents:read
- incidents:create
- incidents:update
- comments:create
Token Format
Full Token
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FwaS5zYW1hbmFnZS5jb20iLCJpYXQiOjE2MTYxNjE2MTYsImV4cCI6MTY0NzY5NzYxNiwianRpIjoiYWJjMTIzIn0.signature
Token Parts
- Prefix: Bearer (with space)
- Type: JWT (JSON Web Token)
- Parts: Header.Payload.Signature
Configuring Alert Bridge
Option 1: Direct (Not Recommended)
Store token directly in Logic App configuration:
{
  "SOLARWINDS_API_TOKEN": "Bearer eyJ0eXAiOi..."
}
⚠️ Not recommended - Token visible in Logic App configuration
Option 2: Azure Key Vault (Recommended)
Store token in Key Vault:
Step 1: Add to Key Vault
az keyvault secret set \
  --vault-name your-key-vault \
  --name solarwinds-api-token \
  --value "Bearer eyJ0eXAiOi..."
Step 2: Grant Logic App Access
# Enable Managed Identity on Logic App
az logicapp identity assign \
  --name your-logic-app \
  --resource-group your-rg

# Grant Key Vault access
az keyvault set-policy \
  --name your-key-vault \
  --object-id <logic-app-identity-id> \
  --secret-permissions get
Step 3: Reference in Logic App
{
  "SOLARWINDS_API_TOKEN": "@Microsoft.KeyVault(SecretUri=https://your-vault.vault.azure.net/secrets/solarwinds-api-token/)"
}
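To tell Option 1 from Option 2 in an exported set of app settings, the values can be classified by shape. This is an added example, not Alert Bridge code; `audit_settings`, the sample setting names other than `SOLARWINDS_API_TOKEN`, and the sample token and version are constructed, and only the `SecretUri` reference form shown above is recognised.

```python
import re

# Key Vault reference in the SecretUri form shown on this page.
KV_REF = re.compile(
    r"^@Microsoft\.KeyVault\(SecretUri=https://(?P<vault>[A-Za-z0-9-]+)\.vault\.azure\.net"
    r"/secrets/(?P<name>[A-Za-z0-9-]+)(?:/(?P<version>[0-9a-fA-F]*))?\)$"
)
# A JWT starts with "eyJ" (base64url of '{"') and has three dot-separated parts.
INLINE_JWT = re.compile(r"(?:Bearer\s+)?eyJ[\w-]+\.[\w-]+\.[\w-]+")


def audit_settings(settings):
    """Map each setting name to inline-token, pinned-version, keyvault-ref or other."""
    findings = {}
    for name, value in settings.items():
        ref = KV_REF.match(value)
        if ref:
            # A reference pinned to one secret version keeps serving that version
            # after rotation; the unversioned form follows the latest version.
            findings[name] = "pinned-version" if ref.group("version") else "keyvault-ref"
        elif INLINE_JWT.search(value):
            findings[name] = "inline-token"  # Option 1: secret readable in config
        else:
            findings[name] = "other"
    return findings


# Constructed sample settings; the token and version values are made up.
SAMPLE_SETTINGS = {
    "SOLARWINDS_API_TOKEN":
        "@Microsoft.KeyVault(SecretUri=https://your-vault.vault.azure.net/secrets/solarwinds-api-token/)",
    "SOLARWINDS_API_TOKEN_DIRECT":
        "Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJkZW1vIn0.c2lnbmF0dXJl",
    "SOLARWINDS_API_TOKEN_PINNED":
        "@Microsoft.KeyVault(SecretUri=https://your-vault.vault.azure.net/secrets/"
        "solarwinds-api-token/0123456789abcdef0123456789abcdef)",
    "LOG_LEVEL": "info",
}

if __name__ == "__main__":
    for name, finding in audit_settings(SAMPLE_SETTINGS).items():
        print(f"{finding:15} {name}")
```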
Testing the Token
Via cURL
curl -X GET "https://api.samanage.com/incidents.json" \
  -H "X-Samanage-Authorization: Bearer YOUR_TOKEN" \
  -H "Accept: application/json"
Expected: List of incidents (200 OK)
Error 401: Token invalid or expired
Via PowerShell
$headers = @{
    "X-Samanage-Authorization" = "Bearer YOUR_TOKEN"
    "Accept" = "application/json"
}
Invoke-RestMethod -Uri "https://api.samanage.com/incidents.json" -Headers $headers
Via Logic App Test
- Deploy Logic App with token
- Trigger a test alert
- Check Logic App run history
- Look for SolarWinds API errors
Token Security
Best Practices
- Use Key Vault - Never store in plain text
- Rotate Regularly - Update every 90 days
- Minimal Permissions - Only grant what’s needed
- Monitor Usage - Track API calls for anomalies
- Separate Tokens - Different tokens for dev/prod
Rotation Schedule
| Environment | Rotation Frequency |
|---|---|
| Production | Every 90 days |
| Staging | Every 180 days |
| Development | Annual |
Compromised Token
If the token is compromised:
- Immediately Revoke in SolarWinds
- Generate New Token
- Update Key Vault with new token
- Restart Logic App
- Review Audit Logs for unauthorized access
Token Management
Viewing Active Tokens
- SolarWinds → API Settings
- View list of active tokens
- See:
- Token name
- Creation date
- Last used date
- Expiration (if set)
Revoking Tokens
- Find token in list
- Click “Revoke” or “Delete”
- Confirm revocation
- Token immediately invalidated
Updating Token in Alert Bridge
After generating a new token:
If using Key Vault:
az keyvault secret set \
  --vault-name your-key-vault \
  --name solarwinds-api-token \
  --value "Bearer NEW_TOKEN_HERE"
The Logic App automatically picks up the new value within 5 minutes.
If using direct configuration:
- Go to Logic App → Configuration
- Update SOLARWINDS_API_TOKEN
- Click Save
- Logic App restarts
Troubleshooting
401 Unauthorized
Causes:
- Token expired
- Token revoked
- Token format incorrect (missing “Bearer ”)
- Wrong SolarWinds instance URL
Solutions:
- Generate new token
- Verify token format: Bearer + token
- Check SolarWinds base URL matches your instance
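The format and expiry causes listed above, together with the Token Format and Rotation Schedule sections, can be checked locally before a value is stored in Key Vault. This is an added example, not Alert Bridge or SolarWinds code; `preflight` is a hypothetical name, and the `exp`/`iat` claims and the 90-day constant are assumptions taken from the sample token and the rotation table on this page.

```python
import base64
import json
import time

ROTATION_DAYS = 90  # production interval from the Rotation Schedule table


def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj


def preflight(stored_value, now=None):
    """Return problems found in the stored secret; an empty list means none.
    The payload is read WITHOUT verifying the signature: this is a sanity
    check on our own secret, never a basis for trusting a token."""
    now = time.time() if now is None else now
    if stored_value != stored_value.strip():
        return ["leading or trailing whitespace in stored value"]
    if not stored_value.startswith("Bearer "):
        return ['missing "Bearer " prefix']
    parts = stored_value[len("Bearer "):].split(".")
    if len(parts) != 3 or not all(parts):
        return ["token is not Header.Payload.Signature"]
    try:
        header, claims = _b64url_json(parts[0]), _b64url_json(parts[1])
    except ValueError:
        return ["header or payload is not base64url-encoded JSON"]
    problems = []
    if header.get("typ") != "JWT":
        problems.append("header typ is not JWT")
    if "exp" in claims and claims["exp"] <= now:
        problems.append("token expired")
    if "iat" in claims and now - claims["iat"] > ROTATION_DAYS * 86400:
        problems.append("older than %d-day rotation interval" % ROTATION_DAYS)
    return problems


# Sample token from the "Full Token" section (its third part is a placeholder).
SAMPLE = ("Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
          "eyJpc3MiOiJodHRwczovL2FwaS5zYW1hbmFnZS5jb20iLCJpYXQiOjE2MTYxNjE2MTYsImV4cCI6MTY0NzY5NzYxNiwianRpIjoiYWJjMTIzIn0."
          "signature")

if __name__ == "__main__":
    print(preflight(SAMPLE) or "ok")
```

The sample token's payload carries `iat` 1616161616 and `exp` 1647697616, so run against today's clock it reports both expiry and rotation age.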
403 Forbidden
Causes:
- Token lacks required permissions
- User account disabled
- IP restrictions
Solutions:
- Check token permissions in SolarWinds
- Verify user account is active
- Check API access restrictions
Token Not Found in Key Vault
Causes:
- Secret name mismatch
- Logic App lacks Key Vault permissions
- Secret deleted
Solutions:
- Verify secret exists: az keyvault secret show
- Check Logic App Managed Identity has access
- Restore secret if deleted
API Limits
Be aware of SolarWinds API rate limits:
| Plan | Requests/Hour | Requests/Day |
|---|---|---|
| Trial | 100 | 1,000 |
| Standard | 1,000 | 10,000 |
| Premium | 5,000 | 50,000 |
| Enterprise | Custom | Custom |
Alert Bridge automatically respects these limits with request queuing.
See Also
- SolarWinds Setup - Complete setup guide
- Security Overview - Security best practices
- Environment Variables - Configuration options
Questions? Contact support@cynteocloud.com