Configuring REST API and Restore Portal on Separate Machine

To configure REST API and Restore Portal on a separate machine, do the following:

  1. Open the Veeam Backup for Microsoft 365 REST API component installation folder.

By default, Veeam Backup for Microsoft 365 REST API component is installed to the C:\Program Files\Veeam\Backup365 folder.

  1. Run the Veeam.Archiver.REST.Configurator.exe file.

The Veeam Backup for Microsoft 365 window opens.

  1. Configure REST API settings. For more information, see Configuring REST API Settings.
  2. Configure Restore Portal settings. For more information, see Configuring Restore Portal Settings.
  3. Click Apply.
  4. Click OK to close the Veeam Backup for Microsoft 365 window.

Configuring REST API Settings

On the REST API tab, do the following:

  1. Select the Enable REST service check box.
  2. In the Authentication token lifetime field, specify the lifetime value for an authentication token (in minutes).

REST API authorization is based on the OAuth 2.0 Authorization Framework.

  1. In the HTTPS port field, specify a port number which Veeam Backup for Microsoft 365 use to access Veeam Backup for Microsoft 365 REST API Service.
  2. In the Controller host field, specify a DNS name or IP address of the Veeam Backup for Microsoft 365 server.
  3. Click Install to specify an SSL certificate.

You can generate a new certificate or select an existing certificate using the Select Certificate wizard. For more information, see Installing SSL Certificates.

Note

If you have generated a new self-signed certificate for restore operators, you must import the certificate for restore operators to the Trusted Root Certification Authorities certificate store on the separate machine with REST API installed.

Configuring RESTful API Settings

Configuring Restore Portal Settings

On the Restore Portal tab, do the following:

  1. Select the Enable Restore Portal check box.
  2. From the Region drop-down list, select a Microsoft Azure region.

Keep in mind that if you change your Microsoft Azure region, you must also specify another Azure AD application.

  1. In the Application ID field, specify an identification number of Azure AD application that you want to use to access Restore Portal.

You can find this identification number in the application settings of your Azure Active Directory. For more information, see this Microsoft article. Make sure to manually grant the required permissions to your Azure AD application.

  1. In the Restore Portal URL field, specify web address of a machine with the Veeam Backup for Microsoft 365 REST API component installed. Restore operators and end users will use this web address to open Restore Portal in a web browser window.

Consider the following:

  • The website is available over HTTPS protocol only.
  • By default, port 4443 must be opened on the Veeam Backup for Microsoft 365 server or a machine with the Veeam Backup for Microsoft 365 REST API component installed. For more information, see Ports.
  • The web address must be specified in one of the following formats:
  • https://<IPv4 address>:<port number>, where <IPv4 address> is a public IPv4 address of a machine with the Veeam Backup for Microsoft 365 REST API component installed. For example, https://135.169.170.192:4443.
  • https://<DNS hostname>:<port number>, where <DNS hostname> is DNS hostname of a machine with the Veeam Backup for Microsoft 365 REST API component installed. For example, https://portal.abc.com:4443.
  1. In the Application certificate section, click Install to specify an SSL certificate that you want to use for data exchange between Restore Portal and the specified Azure AD application.

You can generate a new certificate or select an existing certificate using the Select Certificate wizard. For more information, see Installing SSL Certificates.

Note

If you generated a new self-signed certificate for the specified Azure AD application, you must add this certificate in the application settings of your Azure Active Directory.

Configuring Restore Portal Settings