Skip to main content


There are two ways to authenticate with Otto’s API - BasicAuth or Access Tokens. In both cases, the username and password to provide are the FileMaker Server Admin Console credentials.

Basic Authentication

You can use HTTP Basic Authentication with each request to the Otto Developer API. Use the FileMaker Server Admin Console user name and password. This is what Otto uses to communicate to the other Otto Servers participating in a migration.

See the documentation of whatever tool, like PostMan, or code library you are using to make requests on how to use Basic Authentication.

Access tokens

You can get an access token by Posting to an authentication route. The token expires in 6 hours.

**POST /authentication
**contentType : application/json
no authentication required

"strategy": "local",
"user": "\<user\>",
"password": "\<password\>"


{ "accessToken": "eyJhbGciOiJIUzI1NiIsIn..."}

Use that token with an Authorization header for any subsequent requests, like this:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsIn…

You can get a new token at any time before the old one expires by Posting to /authentication with the token in the Authorization header. This will give you a new token.

Admin API Keys

Otto can now provide API Keys for this API as well as the FileMaker Server Admin Api. You can use these keys to authenticate instead of the methods provided above. Learn more.