Authorization Examples

The Swagger UI allows a user to try the following Orchestrator REST API authorization procedures:

Obtaining Authorization Tokens

To obtain an access token and a refresh token:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
  2. Click Try it out.
  3. From the grant_type drop-down list, select password.
  4. In the username and password fields, specify the credentials of an account with the Orchestrator Administrator or Plan Author privileges. The user name must be specified in the DOMAIN\USERNAME or USERNAME format.
  5. Click Execute.

Getting Authorization Token

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns an access token, its expiration time and a refresh token.

Getting Authorization Token — Server Response

  1. Save the refresh token locally for further use.

 

Creating Clients

To create a client account:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click POST /api/v7.1/Clients.
  2. Click Try it out and then click Execute.

Getting Child Client

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns a client ID and client secret.

  1. Save the child client ID and client secret locally for further use.

Note

Clients cannot create new client accounts.

 

Obtaining Authorization Tokens Under Client Account

To obtain an access token and a refresh token using client credentials:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
  2. Click Try it out.
  3. From the grant_type drop-down list, select client_credentials.
  4. In the client_id and client_secret fields, specify credentials of a client account.
  5. Click Execute.

Getting Tokens for Child Client

Wait for the response from the server. A successfully completed operation returns the 200 response code. In the response body, Orchestrator returns an access token, its expiration time and a refresh token.

  1. Save the refresh token locally for further use.

 

Using Refresh Token

To obtain a new pair of tokens using a refresh token:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click POST /api/token.
  2. From the grant_type drop-down list, select refresh_token.
  3. In the refresh_token field, insert the refresh token saved locally.
  4. Click Try it out.

Using Refresh Token

Wait for the response from the server. A successfully completed operation returns the 200 code and a new pair of tokens in the response body.

Getting List of Clients

To get all client IDs related to a user account:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click GET /api/v7.1/Clients.
  2. Click Try it out and then click Execute.

Getting Client IDs

Wait for the response from the server. A successfully completed operation returns the 200 response code and a list of client IDs in the response body.

Note

A client can get only its own client ID.

 

Deleting Clients

To delete a client account:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Clients resource and click DELETE /api/v7.1/Clients.
  2. Click Try it out.
  3. In the clientId field, insert the ID of the client that you want to delete.
  4. Click Execute.

Deleting Client

Wait for the response from the server. A successfully completed operation returns the 204 response code.

Note

A user can delete all related client accounts. A client can delete only his own client account.

 

Logging Out

To log out from the Orchestrator REST API:

  1. On the Veeam Recovery Orchestrator REST API 7.1 page, expand the Token resource and click DELETE /api/token.
  1. Click Try it out and then click Execute.

Logging Out

Wait for the response from the server. A successfully completed operation returns the 204 response code.

Related Topics

Authorization and Security