Authorization Examples

The Swagger UI allows a user to try the following Orchestrator REST API authorization procedures:

• Obtaining authorization tokens.
• Creating clients.
• Obtaining authorization tokens under a client account.
• Using a refresh token.
• Getting a list of clients.
• Deleting clients.
• Logging out from the Orchestrator REST API.

Obtaining Authorization Tokens

To obtain an access token and a refresh token:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
2. Click Try it out.
3. From the grant_type drop-down list, select password.
4. In the username and password fields, specify the credentials of an account with the Orchestrator Administrator or Plan Author privileges. The user name must be specified in the DOMAIN\USERNAME or USERNAME format.
5. Click Execute.

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns an access token, its expiration time and a refresh token.

5. Save the refresh token locally for further use.

Creating Clients

To create a client account:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click POST /api/v7.1/Clients.
2. Click Try it out and then click Execute.

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns a client ID and client secret.

3. Save the child client ID and client secret locally for further use.

Obtaining Authorization Tokens Under Client Account

To obtain an access token and a refresh token using client credentials:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
2. Click Try it out.
3. From the grant_type drop-down list, select client_credentials.
4. In the client_id and client_secret fields, specify credentials of a client account.
5. Click Execute.

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns an access token, its expiration time and a refresh token.

5. Save the refresh token locally for further use.

Using Refresh Token

To obtain a new pair of tokens using a refresh token:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
2. From the grant_type drop-down list, select refresh_token.
3. In the refresh_token field, insert the refresh token saved locally.
4. Click Try it out.

Wait for the response from the server. A successfully completed operation returns the 200 code and a new pair of tokens in the response body.

Getting List of Clients

To get all client IDs related to a user account:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click GET /api/v7.1/Clients.
2. Click Try it out and then click Execute.

Wait for the response from the server. A successfully completed operation returns the 200 response code and a list of client IDs in the response body.

Deleting Clients

To delete a client account:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click DELETE /api/v7.1/Clients.
2. Click Try it out.
3. In the clientId field, insert the ID of the client that you want to delete.
4. Click Execute.

Wait for the response from the server. A successfully completed operation returns the 204 response code.

Logging Out

To log out from the Orchestrator REST API:

1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click DELETE /api/token.

2. Click Try it out and then click Execute.

Wait for the response from the server. A successfully completed operation returns the 204 response code.

Related Topics

Authorization and Security