Veeam Backup for Microsoft Office 365 3.0 [Archived]
RESTful API Reference
Related documents
User GuidePowerShell ReferenceVeeam Explorers User GuideVeeam Explorers PowerShell Reference
Search
This is an archive version of the document. To get the most up-to-date information, see the current version.

Authorization and Security

In this article

    To start working with Veeam Backup for Microsoft Office 365 RESTful API, clients must first authenticate themselves. Veeam Backup for Microsoft Office 365 RESTful API authorization process is based on the OAuth 2.0 Authorization Framework and involves obtaining an access token and a refresh token:

    • Access token is a string that represents authorization issued to the client and must be used in all requests during the current logon session.
    • Refresh token is a string that represents authorization granted to the client and can be used to obtain a new access token when the current access token expires.

    Veeam Backup for Microsoft Office 365 RESTful API authorization process involves the following procedures:

    Requesting Authorization

    To obtain a pair of tokens, the client sends the POST HTTPS request to the Veeam Backup for Microsoft Office 365 RESTful API token path. The request body must contain credentials for authenticating with the Veeam Backup for Microsoft Office 365 server.

    A successfully completed operation returns the 200 Success response code and an access and a refresh token in the response body. The client inserts the access token in headers of further requests to Veeam Backup for Microsoft Office 365 RESTful API. The refresh token must be saved locally.

    Authorization and Security Tip:

    To learn how to authorize your access using a client application, you can review the Example Requests and Responses section. Alternatively, you can use Swagger UI.

    Using Refresh Token

    To obtain a new pair of tokens in case the access token expires or becomes invalid, the client sends the POST HTTPS request with the refresh token in the request body to the Veeam Backup for Microsoft Office 365 RESTful API token path. A successfully completed operation returns the 200 Success response code and a new pair of tokens in the response body.

    Performing Logout

    The given access token expires in 60 minutes once it is issued. When the client finishes working with the Veeam Explorer for Microsoft Exchange, Veeam Explorer for Microsoft SharePoint or Veeam Explorer for Microsoft OneDrive he can stop his restore session manually through (POST) /RestoreSessions/{ID}/Action or it will be disabled automatically.

    Example Requests and Responses

    The following example illustrates how the client and server communicate using requests and responses.

    1. To obtain an access and a refresh tokens send the POST HTTPS request to the Veeam Backup for Microsoft Office 365 token path. In the request body, enter the credentials for authenticating with the Veeam Backup for Microsoft Office 365 server.

    Request:

    POST https://support.east.local:4443/v3/Token

     

    Request Body:

    grant_type=password&username=tech\administrator&password=PassWord1

    Wait for the response from the server. A successfully completed operation returns response code 200 OK.

    Response:

    200 OK

     

    Response Body:

    {

     "access_token":"AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAA5Ck8ocJ100Wyxh8hdKuiEwAAAAACAAAAAAAQZgAAAAEAACAAAABHCQCYPKfpXWKw_uoeoq20pNhKX-lyip5kdBIqDhiVsQAAAAAOgAAAAAIAACAAAABGFN15MbhZZ6I93ZR3gk1PCwpX7JodpsGaiXN2dXXlnsAAAACR9Ex4dJi6FQx6TL4_qJnn6UhGYoOcRboeojjMdLXnuce6wDr2_3aUfaJEpts0FUdrF_vZLSs7S_9pgtQJ1-ZrsjW4lomnLRdaN-EhCiLHKQ3N2cOylnNPv9Ycwrao5HDgT3ydfHF8BrMuCsvluuqizSSBGZyWRJmJbfyaSFQaVnxpqHlJCCSyogNLdmQGLKM-LmcBxsRvNP1qsRLRDeHniu9gyXWcpnZMjtOIpjkKCt603zl-4ha3H2wzn0k4JRdAAAAALal2CIHeK4bTmTSRfTI7xgV5MTYI7LFEGJBkG-LkYZuj6YD1lTq1WuPQ_Pkmf0WKRI_mwOmSB40LyJH0uk-cjA",

     "token_type":"bearer",

     "expires_in":60,

     "refresh_token":"AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAA5Ck8ocJ100Wyxh8hdKuiEwAAAAACAAAAAAAQZgAAAAEAACAAAAAFXnoKO_LrlINdvNVDzqIeKB-opJRRyifnSGCCZN451gAAAAAOgAAAAAIAACAAAADBlvQhlBL_6WJUaOKTv3snGBxQFgr9sBDUwwvtAQx6J8AAAADQ8kWrxs7_2EpRX8pFejNzte1OSDvyU4WhyIKc7oKm5ja5KnqdVR778Ypi_fsCn4IBFbxlGFbLMDcUIRfH8UQCew3waMBYWg9WPyaMFOb0uBZTI1VAjEJEpHyehyaikKJdXOipeP8IoMVeQfLmJ-Jq_8OeLjIQSQEOqkgiImFXX2nu2HlgiXsYy9hA6t9_xek7nMY25X5_KQVobbnKBe0bkqb0OjenI3Pbrl8vgnyVem0kPsuDJtOTKnoPESzNqy9AAAAA6_NWQSQcujiwl-BWBfEZxdozsobU5H0bHWxM7WPYFdIwfjAeUIxvrpns4IXaE0z_VAnUYLOkT-ep-uiouWd_Jw",

     ".issued":"Thu, 04 April 2017 14:33:40 GMT",

     ".expires":"Fri, 04 April 2017 15:33:40 GMT"

    }

    The response body contains access and refresh tokens. Copy both tokens: insert an access token in headers of further requests. A refresh token must be saved locally.

    1. When an access token expires you can either obtain it again or renew using a refresh token. To renew the access token, send POST HTTPS request to the Veeam Backup for Microsoft Office 365 token path. In the request body, enter the refresh token.

    Request:

    POST https://support.east.local:4443/v3/Token

     

    Request Body:

    grant_type=refresh_token&refresh_token=<refresh_token>

    Wait for the response from the server. A successfully completed operation returns response code 200 OK and a new pair of tokens in the response body.

    I want to report a typo

    There is a misspelling right here:

     

    I want to let the Veeam Documentation Team know about that.