Authorization and Security

In this article

    Important

    Right after you install Veeam Backup for GCP, you must create the Default Administrator to access the Veeam Backup for GCP Web UI and REST API.

    To learn how to create the Default Administrator, see the Veeam Backup for GCP User Guide, section After You Install.

    To start working with the Veeam Backup for GCP REST API, users must first authenticate themselves and get authorization to make requests. Veeam Backup for GCP REST API authorization process is based on the OAuth 2.0 Authorization Framework and involves obtaining an access token and a refresh token.

    • Access token is a string that represents authorization issued to the client and that must be used in all requests during the current logon session.
    • Refresh token is a string that represents authorization granted to the client and that can be used to obtain a new access token if the current access token expires or becomes lost.

    By default, the Veeam Backup for GCP REST API access token expires in 15 minutes, refresh token expires in 2 weeks. You can change the expiration period of the refresh token to 60 minutes. For more information, see Requesting Authorization.

    For increased security, Veeam Backup for GCP allows you to use multi-factor authentication (MFA) to verify user identity. It is recommended to enable MFA for Veeam Backup for GCP users. For more information, see Multi-Factor Authentication or the Veeam Backup for GCP User Guide, section Enabling Multi-Factor Authentication.

    In This Section