Veeam Backup for Microsoft Azure 8
REST API Reference
Related documents

Service Accounts

The /accounts/azure/service resource collection represents service accounts added to the Veeam Backup for Microsoft Azure configuration database.

Get Collection of Service Accounts

The HTTP GET request to the /accounts/azure/service endpoint retrieves a list of service accounts added to the Veeam Backup for Microsoft Azure configuration database.

SecurityBearer
Request
query Parameters
Filter
string or null

Returns only specific items of a resource collection in the response. To learn how to use the filter parameter, see the Veeam Backup for Microsoft Azure REST API Reference, section Filter Parameter.

x-veeam-parameter-group: RESTAzureAccountFilters
Offset
integer <int32> >= 0

Specifies the first N items of a resource collection that will be excluded from the response.

x-veeam-parameter-group: Veeam.Azure.REST.RequestQuery.V2.PageProperties
Limit
integer <int32> >= -1

Specifies the maximum number of items of a resource collection that will be returned in the response.

x-veeam-parameter-group: Veeam.Azure.REST.RequestQuery.V2.PageProperties
Purpose
Array of strings or null (AzureAccountPurpose)

Specifies operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
x-veeam-parameter-group: RESTAzureAccountFilters
Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

get/api/v8/accounts/azure/service
Request samples 
curl -i -X GET \
  'https://123.123.123.123/api/v8/accounts/azure/service?Filter=string&Offset=0&Limit=-1&Purpose=None' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "offset": 0,
  • "limit": 0,
  • "totalCount": 0,
  • "_links": {},
  • "results": [
    ]
}

Get Service Account Data

The HTTP GET request to the /accounts/azure/service/{accountId} endpoint retrieves information on a service account with the specified ID.

SecurityBearer
Request
path Parameters
accountId
required
string

Specifies the system ID assigned to a service account in the Veeam Backup for Microsoft Azure REST API.

Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

get/api/v8/accounts/azure/service/{accountId}
Request samples 
curl -i -X GET \
  'https://123.123.123.123/api/v8/accounts/azure/service/{accountId}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "accountId": "string",
  • "applicationId": "97ab27fa-30e2-43e3-92a3-160e80f4c0d5",
  • "applicationCertificateName": "string",
  • "name": "string",
  • "description": "string",
  • "region": "Global",
  • "tenantId": "string",
  • "tenantName": "string",
  • "accountOrigin": "Device Authentication",
  • "expirationDate": "2019-08-24T14:15:22Z",
  • "accountState": "Created",
  • "adGroupId": "9a83eeeb-9c7f-43c1-8266-9a86d08b7e4a",
  • "cloudState": "Unknown",
  • "adGroupName": "string",
  • "purposes": [
    ],
  • "managementGroupId": "string",
  • "managementGroupName": "string",
  • "subscriptionIds": [
    ],
  • "selectedForWorkermanagement": true,
  • "azurePermissionsState": [
    ],
  • "azurePermissionsStateCheckTimeUtc": "2019-08-24T14:15:22Z",
  • "subscriptionIdForWorkerDeployment": "fa8415e4-16b1-41c7-a585-5c880fe4dc6f",
  • "_links": {}
}

Remove Service Account

The HTTP DELETE request to the /accounts/azure/service/{accountId} endpoint removes a service account with the specified ID from the Veeam Backup for Microsoft Azure configuration database.

SecurityBearer
Request
path Parameters
accountId
required
string

Specifies the system ID assigned to a service account in the Veeam Backup for Microsoft Azure REST API.

Responses
204

No Content

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

409

Conflict

delete/api/v8/accounts/azure/service/{accountId}
Request samples 
curl -i -X DELETE \
  'https://123.123.123.123/api/v8/accounts/azure/service/{accountId}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/problem+json
{
  • "detail": "string",
  • "errors": {
    },
  • "status": 0,
  • "title": "string",
  • "traceId": "string",
  • "type": "string"
}

Verify Service Account Permissions

The HTTP POST request to the /accounts/azure/service/{accountId}/checkPermissions checks whether the specified service account has all the permissions required to protect resources that belong to the specified Azure subscription.

SecurityBearer
Request
path Parameters
accountId
required
string <uuid>

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account whose permissions will be checked.

query Parameters
subscriptionId
Array of strings or null <uuid>

Specifies a Microsoft Azure ID assigned to a subscription whose resources will be protected using the permissions of the service account.

purposes
Array of strings or null (AzureAccountPurpose)

Specifies operations that will be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Resource specified in the request could not be found in the specified resource collection.

415

Client Error

post/api/v8/accounts/azure/service/{accountId}/checkPermissions
Request samples 
curl -i -X POST \
  'https://123.123.123.123/api/v8/accounts/azure/service/{accountId}/checkPermissions?subscriptionId=497f6eca-6276-4993-bfeb-53cbbbba6f08&purposes=None' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "environment": "Global",
  • "applianceTenantId": "string",
  • "defaultTenantId": "string",
  • "defaultTenantName": "string",
  • "subscriptions": [
    ],
  • "requiredRolesHint": [
    ]
}

Export Service Account Required Permissions

The HTTP POST request to the /accounts/azure/service/exportPermissions endpoint exports a .JSON file with the full list of permissions required to perform operations selected for the service account with the specified ID.

x-veeam-custom-response: true
SecurityBearer
Request
query Parameters
accountId
required
string <uuid>

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account that must be assigned the exported permissions.

subscriptionId
required
string <uuid>

Specifies a Microsoft Azure ID assigned to a subscription whose resources will be protected using the exported permissions.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

415

Client Error

post/api/v8/accounts/azure/service/exportPermissions
Request samples 
curl -i -X POST \
  'https://123.123.123.123/api/v8/accounts/azure/service/exportPermissions?accountId=497f6eca-6276-4993-bfeb-53cbbbba6f08&subscriptionId=497f6eca-6276-4993-bfeb-53cbbbba6f08' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/problem+json
{
  • "detail": "string",
  • "errors": {
    },
  • "status": 0,
  • "title": "string",
  • "traceId": "string",
  • "type": "string"
}

Export Permissions by Application

The HTTP POST request to the /accounts/azure/service/exportPermissionsByApp endpoint exports a .JSON file with the list of permissions required to perform operations selected for the service account with the specified ID.

x-veeam-custom-response: true
SecurityBearer
Request
query Parameters
subscriptionId
required
string <uuid>

Specifies a Microsoft Azure ID assigned to a subscription whose resources will be protected using the exported permissions.

editAccountId
string

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account that must be assigned the exported permissions.

Request Body schema: application/json
applicationId
required
string <uuid>

Specifies the Microsoft Azure ID assigned to the Entra ID application.

azureEnvironment
required
string or null (AzureEnvironmentNullable)

Specifies the type of the Microsoft Azure cloud environment.

Enum: "Global" "Germany" "China" "USGovernment" "Unknown"
x-external-type: Veeam.Azure.REST.Latest.AzureEnvironment
tenantId
required
string <uuid>

Specifies the Microsoft Azure ID assigned to a tenant in which the Entra ID application has been registered.

clientSecret
string or null

/[Required to authenticate using client secret] Specifies the client secret generated on the Azure portal.

applicationCertificate
string or null

/[Required to authenticate using certificate] Specifies the certificate generated for the Entra ID application.

applicationCertificateName
string or null

/[Required to authenticate using certificate] Specifies the certificate file name or other way of naming certificate. Later on it will be used during account edit as reminder for certificate being used.

certificatePassword
string or null

Specifies the password used to encrypt the certificate on the certificate creation.

azureAccountPurposes
Array of strings or null (AzureAccountPurpose)

Specifies operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
subscriptions
Array of strings or null <uuid>

Specifies Azure subscriptions with which the service account is associated.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

415

Client Error

post/api/v8/accounts/azure/service/exportPermissionsByApp
Request samples
application/json
{
  • "azureEnvironment": "Global",
  • "applicationId": "97ab27fa-30e2-43e3-92a3-160e80f4c0d5",
  • "clientSecret": "string",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "applicationCertificate": "string",
  • "applicationCertificateName": "string",
  • "certificatePassword": "string",
  • "azureAccountPurposes": [
    ],
  • "subscriptions": [
    ]
}
Response samples
application/problem+json
{
  • "extensions": { },
  • "status": 0,
  • "title": "string",
  • "detail": "string",
  • "type": "string"
}

Export Permissions by Token

The HTTP POST request to the /accounts/azure/service/exportPermissionsByToken endpoint exports a .JSON file with the full list of permissions that must be assigned to a service account to protect Azure resources associated with the specified subscription.

NOTE
This operation requires authentication to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI). That is why to complete the operation, you must obtain the value of the accessTokenCache parameter.

x-veeam-custom-response: true
SecurityBearer
Request
query Parameters
subscriptionId
required
string <uuid>

Specifies a Microsoft Azure ID assigned to a subscription whose resources will be protected using the exported permissions.

Request Body schema: application/json
required
accessTokenCache
required
string <binary>

Specifies a string value representing authorization token to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

authenticatedByCertificate
boolean

Defines whether the type of authentication is a certificate.

azureEnvironment
string (AzureEnvironment)

Specifies the type of the Microsoft Azure cloud environment.

Enum: "Global" "Germany" "China" "USGovernment" "Unknown"
azureAccountPurposes
Array of strings or null (AzureAccountPurpose)

List of operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
displayableId
string or null

Specifies credentials of the Microsoft Azure account that will be used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

familyName
string or null
Deprecated

Last name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

givenName
string or null
Deprecated

First name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

identityProvider
string or null

Specifies the name of the identity provider used to manage identity information.

tenantId
string or null

Specifies the Microsoft Azure ID assigned to a tenant with which the service account is associated.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

415

Client Error

post/api/v8/accounts/azure/service/exportPermissionsByToken
Request samples
application/json
{
  • "authenticatedByCertificate": true,
  • "azureEnvironment": "Global",
  • "azureAccountPurposes": [
    ],
  • "accessTokenCache": "string",
  • "displayableId": "string",
  • "familyName": "string",
  • "givenName": "string",
  • "identityProvider": "string",
  • "tenantId": "string"
}
Response samples
application/problem+json
{
  • "extensions": { },
  • "status": 0,
  • "title": "string",
  • "detail": "string",
  • "type": "string"
}

Export Collection of Service Accounts

The HTTP POST request to the /accounts/azure/service/export endpoint exports a list of service accounts added to the Veeam Backup for Microsoft Azure configuration database to a .CSV or an .XML file.

x-veeam-custom-response: true
SecurityBearer
Request
header Parameters
Accept
string or null

Specifies a media type of representation of the exported data. The default value is text/csv media type.

Request Body schema: application/json
accountIds
Array of strings or null <uuid>

Specifies a list of system IDs assigned in the Veeam Backup for Microsoft Azure REST API to the service accounts whose data will be exported.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

415

Client Error

post/api/v8/accounts/azure/service/export
Request samples
application/json
{
  • "accountIds": [
    ]
}
Response samples
application/problem+json
{
  • "extensions": { },
  • "status": 0,
  • "title": "string",
  • "detail": "string",
  • "type": "string"
}

Get List of Tenants by Token

The HTTP POST request to the /accounts/azure/service/listTenantsByToken endpoint retrieves a list of Microsoft Entra tenants to which the Microsoft Azure account used to authenticate to the Azure CLI has access.

NOTE
This operation requires authentication to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI). That is why to complete the operation, you must obtain the value of the accessTokenCache parameter.

SecurityBearer
Request
Request Body schema: application/json
accessTokenCache
required
string <binary>

Specifies a string value representing authorization token to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

authenticatedByCertificate
boolean

Defines whether the type of authentication is a certificate.

azureEnvironment
string (AzureEnvironment)

Specifies the type of the Microsoft Azure cloud environment.

Enum: "Global" "Germany" "China" "USGovernment" "Unknown"
azureAccountPurposes
Array of strings or null (AzureAccountPurpose)

List of operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
displayableId
string or null

Specifies credentials of the Microsoft Azure account that will be used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

familyName
string or null
Deprecated

Last name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

givenName
string or null
Deprecated

First name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

identityProvider
string or null

Specifies the name of the identity provider used to manage identity information.

tenantId
string or null

Specifies the Microsoft Azure ID assigned to a tenant with which the service account is associated.

Responses
202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

415

Client Error

post/api/v8/accounts/azure/service/listTenantsByToken
Request samples
application/json
{
  • "authenticatedByCertificate": true,
  • "azureEnvironment": "Global",
  • "azureAccountPurposes": [
    ],
  • "accessTokenCache": "string",
  • "displayableId": "string",
  • "familyName": "string",
  • "givenName": "string",
  • "identityProvider": "string",
  • "tenantId": "string"
}
Response samples
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "startTime": "2019-08-24T14:15:22Z",
  • "status": "Canceled",
  • "error": {
    },
  • "_links": {},
  • "result": {
    }
}

Get List of Subscriptions by Application

The HTTP POST request to the /accounts/azure/service/listSubscriptionsByApp retrieves a list of subscriptions available for the service account connected to the existing Entra ID application.

SecurityBearer
Request
query Parameters
editAccountId
string or null

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account that will be edited.

x-position: 2
skipPermissionsCheck
boolean or null
x-position: 3
Request Body schema: application/json
applicationId
required
string <uuid>

Specifies the Microsoft Azure ID assigned to the Entra ID application.

azureEnvironment
required
string or null (AzureEnvironmentNullable)

Specifies the type of the Microsoft Azure cloud environment.

Enum: "Global" "Germany" "China" "USGovernment" "Unknown"
x-external-type: Veeam.Azure.REST.Latest.AzureEnvironment
tenantId
required
string <uuid>

Specifies the Microsoft Azure ID assigned to a tenant in which the Entra ID application has been registered.

clientSecret
string or null

/[Required to authenticate using client secret] Specifies the client secret generated on the Azure portal.

applicationCertificate
string or null

/[Required to authenticate using certificate] Specifies the certificate generated for the Entra ID application.

applicationCertificateName
string or null

/[Required to authenticate using certificate] Specifies the certificate file name or other way of naming certificate. Later on it will be used during account edit as reminder for certificate being used.

certificatePassword
string or null

Specifies the password used to encrypt the certificate on the certificate creation.

azureAccountPurposes
Array of strings or null (AzureAccountPurpose)

Specifies operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
subscriptions
Array of strings or null <uuid>

Specifies Azure subscriptions with which the service account is associated.

Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

415

Client Error

post/api/v8/accounts/azure/service/listSubscriptionsByApp
Request samples
application/json
{
  • "azureEnvironment": "Global",
  • "applicationId": "97ab27fa-30e2-43e3-92a3-160e80f4c0d5",
  • "clientSecret": "string",
  • "tenantId": "f97df110-f4de-492e-8849-4a6af68026b0",
  • "applicationCertificate": "string",
  • "applicationCertificateName": "string",
  • "certificatePassword": "string",
  • "azureAccountPurposes": [
    ],
  • "subscriptions": [
    ]
}
Response samples
application/json
{
  • "environment": "Global",
  • "applianceTenantId": "string",
  • "defaultTenantId": "string",
  • "defaultTenantName": "string",
  • "subscriptions": [
    ],
  • "requiredRolesHint": [
    ]
}

Get List of Microsoft Entra Groups

The HTTP POST request to the /accounts/azure/service/listAdGroups endpoint retrieves a list of Microsoft Entra groups available in the Microsoft Azure environment.

NOTE
This operation requires authentication to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI). That is why to complete the operation, you must obtain the value of the accessTokenCache parameter.

SecurityBearer
Request
Request Body schema: application/json
tenantId
required
string or null

Specifies the Microsoft Azure ID assigned to a tenant with which the service account is associated.

object (AzureAuthenticationResult)

Specifies information on authentication in Microsoft Azure environment.

object (AdGroupQueryOptions)

Specifies the order to sort the returned items by value of the displayName property. Use DisplayNameDesc or DisplayNameAsc values.
Example: "queryOptions":{"sort":"DisplayNameDesc"}

editAccountId
string or null

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account that will be edited.

Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

409

Conflict

415

Client Error

post/api/v8/accounts/azure/service/listAdGroups
Request samples
application/json
{
  • "azureAuthentication": {
    },
  • "queryOptions": { },
  • "editAccountId": "string",
  • "tenantId": "string"
}
Response samples
application/json
{
  • "adGroups": [
    ],
  • "userAdPermissions": {
    }
}

Validate User

The HTTP POST request to the /accounts/azure/service/isUserOwnerOfAdApp endpoint checks whether the Microsoft Azure account authenticated to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI) is the owner of the specified Entra ID application.

NOTE
This operation requires authentication to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI). That is why to complete the operation, you must obtain the value of the accessTokenCache parameter.

SecurityBearer
Request
query Parameters
applicationId
string or null

Specifies the Microsoft Azure ID assigned to the Entra ID application.

editAccountId
string or null

Specifies the system ID assigned in the Veeam Backup for Microsoft Azure REST API to the service account with which the specified Entra ID application is associated.

tenantId
string or null

Specifies the Microsoft Azure ID assigned to a tenant in which the specified Entra ID application has been registered.

Request Body schema: application/json
accessTokenCache
required
string <binary>

Specifies a string value representing authorization token to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

authenticatedByCertificate
boolean

Defines whether the type of authentication is a certificate.

azureEnvironment
string (AzureEnvironment)

Specifies the type of the Microsoft Azure cloud environment.

Enum: "Global" "Germany" "China" "USGovernment" "Unknown"
azureAccountPurposes
Array of strings or null (AzureAccountPurpose)

List of operations that can be performed using the service account.

Enum: "None" "WorkerManagement" "Repository" "Unknown" "VirtualMachineBackup" "VirtualMachineRestore" "AzureSqlBackup" "AzureSqlRestore" "AzureFiles" "VnetBackup" "VnetRestore" "CosmosBackup" "CosmosRestore"
displayableId
string or null

Specifies credentials of the Microsoft Azure account that will be used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

familyName
string or null
Deprecated

Last name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

givenName
string or null
Deprecated

First name of the user whose credentials are used to log in to the Microsoft Azure Cross-platform Command Line Interface (Azure CLI).

identityProvider
string or null

Specifies the name of the identity provider used to manage identity information.

tenantId
string or null

Specifies the Microsoft Azure ID assigned to a tenant with which the service account is associated.

Responses
200

OK

202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

409

Conflict

415

Client Error

post/api/v8/accounts/azure/service/isUserOwnerOfAdApp
Request samples
application/json
{
  • "authenticatedByCertificate": true,
  • "azureEnvironment": "Global",
  • "azureAccountPurposes": [
    ],
  • "accessTokenCache": "string",
  • "displayableId": "string",
  • "familyName": "string",
  • "givenName": "string",
  • "identityProvider": "string",
  • "tenantId": "string"
}
Response samples
application/json
true

Add Service Account Using Existing Application

The HTTP POST request to the /accounts/azure/service/saveByApp endpoint creates a new service account using an existing Entra ID application.

SecurityBearer
Request
Request Body schema: application/json
required
object (AzureAccountInfo)

Specifies information on a service account.

x-veeam-namespace: Veeam.Azure.REST.Representation.V2
object or null (ClientLoginParameters)

Specifies the login data of the Entra ID application.

Responses
200

OK

202

Accepted

400

Bad Request

401

Unauthorized

403

Forbidden

415

Client Error

post/api/v8/accounts/azure/service/saveByApp
Request samples
application/json
{
  • "accountInfo": {
    },
  • "clientLoginParameters": {
    }
}
Response samples
application/json
"string"

Edit Service Account Created Using Existing Application

The HTTP PUT request to the /accounts/azure/service/updateByApp/{accountId} endpoint updates a specific service account created using an existing Entra ID application.

SecurityBearer
Request
path Parameters
accountId
required
string

Specifies the system ID assigned to a service account in the Veeam Backup for Microsoft Azure REST API.

Request Body schema: application/json
required
object (AzureAccountInfo)

Specifies information on a service account.

x-veeam-namespace: Veeam.Azure.REST.Representation.V2
object or null (ClientLoginParameters)

Specifies the login data of the Entra ID application.

Responses
200

OK

202

Accepted

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

409

Conflict

415

Client Error

put/api/v8/accounts/azure/service/updateByApp/{accountId}
Request samples
application/json
{
  • "accountInfo": {
    },
  • "clientLoginParameters": {
    }
}
Response samples
application/json
"string"

Validate Editing of Service Account Created Using Existing Application

The HTTP PUT request to the /accounts/azure/service/updateByApp/{accountId}/validate endpoint checks whether the data specified for the HTTP PUT request to the Edit Service Account Created Using Existing Application endpoint is valid.

SecurityBearer
Request
path Parameters
accountId
required
string

Specifies the system ID assigned to a service account in the Veeam Backup for Microsoft Azure REST API.

Request Body schema: application/json
required
object (AzureAccountInfo)

Specifies information on a service account.

x-veeam-namespace: Veeam.Azure.REST.Representation.V2
object or null (ClientLoginParameters)

Specifies the login data of the Entra ID application.

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

put/api/v8/accounts/azure/service/updateByApp/{accountId}/validate
Request samples
application/json
{
  • "accountInfo": {
    },
  • "clientLoginParameters": {
    }
}
Response samples
application/json
{
  • "result": "Success",
  • "issues": [
    ]
}

Get Service Accounts Suitable for Worker Management

The HTTP GET request to the /accounts/azure/service/listWorkerManagementSuitableServices endpoint retrieves a list of service accounts added to the Veeam Backup for Microsoft Azure configuration database that can be used to launch worker instances.

SecurityBearer
Request
query Parameters
Filter
string or null

Returns only specific items of a resource collection in the response. To learn how to use the filter parameter, see the Veeam Backup for Microsoft Azure REST API Reference, section Filter Parameter.

x-veeam-parameter-group: RESTAzureAccountFilters
Offset
integer <int32> >= 0

Specifies the first N items of a resource collection that will be excluded from the response.

x-veeam-parameter-group: Veeam.Azure.REST.RequestQuery.V2.PageProperties
Limit
integer <int32> >= -1

Specifies the maximum number of items of a resource collection that will be returned in the response.

x-veeam-parameter-group: Veeam.Azure.REST.RequestQuery.V2.PageProperties
Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

get/api/v8/accounts/azure/service/listWorkerManagementSuitableServices
Request samples 
curl -i -X GET \
  'https://123.123.123.123/api/v8/accounts/azure/service/listWorkerManagementSuitableServices?Filter=string&Offset=0&Limit=-1' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "offset": 0,
  • "limit": 0,
  • "totalCount": 0,
  • "_links": {},
  • "results": [
    ]
}

Specify Service Account for Worker ManagementDeprecated

The HTTP PUT request to the /accounts/azure/service/{accountId}/selectForWorkermanagement endpoint allows you to specify a service account that will be used to launch worker instances.

SecurityBearer
Request
path Parameters
accountId
required
string

Specifies the system ID assigned to a service account in the Veeam Backup for Microsoft Azure REST API.

Request Body schema: application/json
SubscriptionId
string or null <uuid>

Specifies the Microsoft Azure ID assigned to a subscription in which the worker instances will be deployed.

ResourceGroupName
string or null

Specifies the name of a resource group to which the worker instances will belong.

Responses
204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

put/api/v8/accounts/azure/service/{accountId}/selectForWorkermanagement
Request samples
application/json
{
  • "SubscriptionId": "0bc37390-50b9-4518-b724-269d2b5e50cd",
  • "ResourceGroupName": "string"
}
Response samples
application/problem+json
{
  • "extensions": { },
  • "status": 0,
  • "title": "string",
  • "detail": "string",
  • "type": "string"
}