Authenticate Service Account

You can authenticate a service account.

Request

To authenticate a service account, send the HTTP POST request to the /accounts/azure/service/authenticate endpoint.

HTTP Request

POST https://<hostname>/api/v2/accounts/azure/service/authenticate

Note

If you authenticate to edit an existing account enter a system ID of an account you want to edit. To do that, specify the editAccount parameter after the endpoint of the request URL: ?editAccount=142.

Request Headers

The request contains the following headers.

Header	Required	Value	Description
Authorization	Required	Bearer <Access-Token>	Authenticates a client who sends the request to the server. Must contain the access token for the current logon session in the Bearer <Access-Token> format.

Request Body

To authenticate a service account, send the parameters of the DeviceLoginParametersV2 schema in the request body.

Note

To obtain a userCode, deviceCode and verification URL requires for authentication, follow the instructions in section Get Device Authentication Code.

{

"azureEnvironment": "Global",

"userCode": "string",

"deviceCode": "string",

"verificationUrl": "string",

"expiresOn": "2020-12-02T02:23:32.156Z",

"interval": 0,

"message": "string",

"clientId": "string",

"resource": "string",

"azureAccountPurpose": "Service"

}

Response

The server returns the following response to the client.

Response Codes

A successfully completed operation returns a response code 200 (OK).

Response Headers

The response to this request contains the following headers. The response may also include additional standard HTTP headers.

Header	Value	Description
Content-length	integer	Identifies the length of the response body message, in bytes.
Content-type	application/json application/problem+json	Identifies the media type of the response body message.

Response Body

In the response body, Veeam Backup for Microsoft Azure returns a representation of the /accounts/azure/service/authenticate collection. The AzureAuthenticationResultV2 schema is used for the collection representation.

Authenticate Service Account Example

The following request returns an authentication result

Request:

POST https://51.11.247.127/api/v2/accounts/azure/service/authenticate

Request Header:

Authorization: Bearer <Access-Token>

Request Body:

{

"azureEnvironment":"Global",

"userCode":"DZX3N4A2B",

"deviceCode":"DAQABAAEAAABeAFzDwllzTYGDLh_qYbH8y_5xN7a9NzxaG7uCgwf_60CcbjsHleZ_rQR_eW0Az377nuGAF0_4q7W1uNjR_6QSJPBsronxfsiApe5l8oPJ41DDRDyG2YJx6zqh1EflPayT1ZbgVWh1sTQKkVvThan_okCZyGP8q0PHSES-BC2FAfPPdN9kXz8JJ9afnvz5r0wgAA",

"verificationUrl":"https://microsoft.com/devicelogin",

"expiresOn":"2020-02-04T06:51:48.512Z",

"interval":5,

"message":"To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code DZX3N4A2B to authenticate.",

"clientId":"84b03795-8ddb-261a-bbee-02f9e1bf7b46",

"resource":"https://management.core.windows.net/",

"azureAccountPurpose":"Service"

}

Response:

200

Response Body:

{

"authenticatedByCertificate": false,

"azureEnvironment": "Global",

"azureConnectionType": "Service",

"accessTokenCache": "AwAAAAEAAACRAWh0dHBzOi8vbG9naW4ud2luZG93cy5uZXQvZjhjZGVmMzEtYTMxZS00YjRhLTkzZTQtNWY1NzFlOTEyNTVhLzo6Omh0dHBzOi8vbWFuYWdlbWVudC5jb3JlLndpbmRvd3MubmV0Lzo6OjA0YjA3Nzk1LThkZGItNDYxYS1iYmVlLTAyZjllMWJmN2I0Njo6OjC2InsiUmF3Q2xpZW50SW5mbyI6ImV5SjFhV1FpT2lJd01EQXdNREF3TUMwd01EQXdMVEF3TURBdFpHSTFZeTFqWlRsak1XSTRNVEE1T1RNaUxDSjFkR2xrSWpvaU9URTRPREEwTUdRdE5tTTJOeTAwWXpWaUxXSXhNVEl0TXpaaE16QTBZalkyWkdGa0luMCIsIlJlZnJlc2hUb2tlbiI6IkFRQUJBQUFBQUFCZUFGekR3bGx6VFlHRExoX3FZYkg4cUdQdnRPRUN5TEpPUmVYVkYtVzd5dzNUM05mbHFTVzdGRC12S1NrOVZfUldNMGdST1I0X29hRjJqc2pLN1NVYUlJYkF0QzRsUk9EM3NFQzRISTViVGE0VktxdFlqVjRSXzh4WkhZa3h5TlhwSVp5a0dxc2ZxZlVGTnZmUktZT0N3WVdmdHN5UkRNdm1icXBUS2s0RkpsSkc5b3FsUFpma3UyR3pQeVBXaWRyckRENWwtM3BuenAweFpZdHQxdjdoT0pTa2xQMzlnQWlLMdpWVd4MGMyVmphV1FpT2lJeE9teHBkbVV1WTI5dE9qQXdNRE0wTURBeFF6bEZOelV6UmtVaUxDSmhiWElpT2xzaWNIZGtJbDBzSW1WdFlXbHNJam9pVWtSRGJHOTFaQzVDWVdOcmRYQXVSR2wyTTBCMlpXVmhiUzVqYjIwaUxDSm1ZVzFwYkhsZmJtRnRaU0k2SWxsaGMzbDFheUlzSW1kcGRtVnVYMjVoYldVaU9pSkxiM04wZVdFaUxDSnBaSEFpT2lKc2FYWmxMbU52YlNJc0ltbHdZV1JrY2lJNklqVXhMakUwTVM0ek5TNHhNRE1pTENKemRXSWlPaUpUVVZCVlVEVnlZMU14Wm5ORGFsOW1TbnBVT0dvMk4zRlBVa3h3UTNSUFVFaHZWVzlpY2tscFdHUmpJaXdpZEdsa0lqb2laamhqWkdWbU16RXRZVE14WlMwMFlqUmhMVGt6WlRRdE5XWTFOekZsT1RFeU5UVmhJaXdpZFc1cGNYVmxYMjVoYldVaU9pSnNhWFpsTG1OdmJTTlNSRU5zYjNWa0xrSmhZMnQxY0M1RWFYWXpRSFpsWldGdExtTnZiU0lzSW5abGNpSTZJakV1TUNKOS4iLCJUZW5hbnRJZCI6ImY4Y2RlZjMxLWEzMWUtNGI0YS05M2U0LTVmNTcxZTkxMjU1YSIsIlVzZXJJbmZvIjp7IkRpc3BsYXlhYmxlSWQiOiJSRENsb3VkLkJhY2t1cC5EaXYzQHZlZWFtLmNvbSIsIkZhbWlseU5hbWUiOiJZYXN5dWsiLCJHaXZlbk5hbWUiOiJLb3N0eWEiLCJJZGVudGl0eVByb3ZpZGVyIjoibGl2ZS5jb20iLCJQYXNzd29yZENoYW5nZVVybCI6bnVsbCwiUGFzc3dvcmRFeHBpcmVzT24iOm51bGwsIlVuaXF1ZUlkIjoiU1FQVVA1cmNTMWZzQ2pfZkp6VDhqNjdxT1JMcEN0T1BIb1VvYnJJaVhkYyJ9fSwiVXNlckFzc2VydGlvbkhhc2giOm51bGx9",

"displayableId": "@tech.com",

"familyName": "Family Name",

"givenName": "Given Name",

"identityProvider": "live.com",

"_links": {"self": {"href": "https://51.11.247.127/api/v2/accounts/azure/repository/authenticate?azureEnvironment=Global&userCode=D5FZ9PMFB&deviceCode=DAQABAAEAAABeAFzDwllzTYGDLh_qYbH8UbgpZ6jgqSBzulnepV-NgQ5x3BGGZb3K1Y9Z2UBnC9IhgVF3uEF9Ry_pqUI4iAwBnQkJ_lnYsIp7bSb8lfOTgRfa8RLCEzlGgrUZJk31ATJgFe8UiXn7YFPbWdaPSLiLGEYkrfZ5bTQGZjT0dPv1SOEicdD1Vu0PT9Of9W3zSKYgAA&verificationUrl=https%3A%2F%2Fmicrosoft.com%2Fdevicelogin&expiresOn=02%2F04%2F2020%2007%3A35%3A03%20%2B00%3A00&interval=5&message=To%20sign%20in,%20use%20a%20web%20browser%20to%20open%20the%20page%20https%3A%2F%2Fmicrosoft.com%2Fdevicelogin%20and%20enter%20the%20code%20D5FZ9PMFB%20to%20authenticate.&clientId=84b03795-8ddb-261a-bbee-02f9e1bf7b46&resource=https%3A%2F%2Fmanagement.core.windows.net%2F&azureTypeConnection=Repository"}}

}