2 minute readReference

The REST API uses CloudBees Feature Management YAML and JSON files. Refer to Introduction to Configuration as Code (CasC) for more information on YAML.

You can use the API to do the following:

  • push data into CloudBees Feature Management

  • get data out of CloudBees Feature Management

  • build custom integrations

  • build on top of the CloudBees Feature Management platform

As a security measure, a rate limit has been implemented to one request per second, and is based on the requester IP address. Any requests at rates that exceed the rate limit will receive a 555 error status code. There are no exceptions we can currently make for customers at this time.

Experiments have been deprecated and Flags are the only entity in the system.

The system is backwards compatible, but there are some critical issues to note until a new version of the Restful API is released:

  • Create an Experiment - creates a corresponding Flag, ignoring Experiment name.

  • Get Experiment - works as expected, ignoring Experiment name.

  • Patch Experiment - works as expected, ignoring Experiment name.

  • Get Experiments - returns only Flags that have at least one release rule configured.

  • Delete Experiment - removes a flag’s configuration and/or impression data, but does NOT delete the flag.

Select run in Postman to set up an environment.

Application ID

All resources are part of an application.

To find the Application ID:

  1. Select App Settings on the left panel on the CloudBees Feature Management dashboard.

  2. Select the Integrations tab.


All requests to CloudBees Feature Management’s API must be authenticated with an API token.

API token

Every CloudBees Feature Management user has an API token. The API token inherits the permission of its owner. The changelog shows the actions taken by the owner of the API token.

To access the API Token:

  1. From the team or group that is currently open on the CloudBees Feature Management dashboard, in the left panel, select App Settings Integrations.

  2. In the API section, for User token, select Show Copy to copy the new user token to your clipboard.

    Users are given a different access_token for each team or group they are a member of.

Regenerating a new API user token

User tokens are revoked when a new token is generated. Any future use of the existing token will be rejected.

To revoke your existing token and regenerate a new API user token:

  1. Select Regenerate.

  2. If you agree with the warning information, select Yes, I understand and accept the risks associated with this action.

  3. Select Regenerate.

    Regenerating a user token
    Figure 1. Regenerating a new API User token

    The new access token is created. Access to the previously generated token is revoked.

  4. Select Show Copy to copy the new user token to your clipboard.

Authentication header

You can authenticate with the API token by adding an authorization header containing your token.

Authorization: Bearer API_TOKEN