- About Veeam Backup & Replication REST API
- Overview
- How To
- Changelog
- Login
- Service
- Services
- Credentials
- getGet All Credentials
- postAdd Credentials Record
- getGet Credentials Record
- putEdit Credentials Record
- delRemove Credentials Record
- postChange Password
- postChange Linux Private Key
- postChange Linux Root Password
- getGet All Cloud Credentials
- postAdd Cloud Credentials Record
- postGet Verification Code
- postRegister Azure AD Application
- getGet Cloud Credentials Record
- putEdit Cloud Credentials Record
- delRemove Cloud Credentials Record
- postChange Secret Key
- postChange Certificate
- getGet All Helper Appliances
- postAdd or Edit Helper Appliance
- getGet Helper Appliance
- delRemove Helper Appliance
- Encryption
- Connection
- Cloud Browser
- Inventory Browser
- Traffic Rules
- General Options
- Configuration Backup
- Managed Servers
- Repositories
- getGet All Repositories
- postAdd Repository
- getGet All Repository States
- getGet Repository
- putEdit Repository
- delRemove Repository
- getGet All Scale-Out Backup Repositories
- postAdd Scale-Out Backup Repository
- getGet Scale-Out Backup Repository
- putEdit Scale-Out Backup Repository
- delRemove Scale-Out Backup Repository
- postEnable Sealed Mode
- postDisable Sealed Mode
- postEnable Maintenance Mode
- postDisable Maintenance Mode
- Proxies
- Jobs
- Backups
- Backup Objects
- Object Restore Points
- Restore
- Sessions
- Agents
- Automation
- postImport Jobs
- postExport Jobs
- postImport Credentials
- postExport Credentials
- postImport Cloud Credentials
- postExport Cloud Credentials
- postImport Proxies
- postExport Proxies
- postImport Servers
- postExport Servers
- postImport Repositories
- postExport Repositories
- postImport Encryption Passwords
- postExport Encryption Passwords
- getGet All Automation Sessions
- getGet Automation Session
- getGet Automation Session Logs
- postStop Automation Session
The authorization process involves obtaining an access token and a refresh token.
For details on the authorization process and security settings, see Authorization and Security.
Get Access Token
The HTTP POST request to the /api/oauth2/token path allows you to get an access token and a refresh token.
header Parameters
| x-api-version required | string Default: 1.1-rev0 Version and revision of the client REST API. Must be in the following format: |
Request Body schema: application/x-www-form-urlencodedrequired
| grant_type required | string (ELoginGrantType) Default: "password" Authorization grant type.
|
| username | string User name. Required if the |
| password | string <password> Password. Required if the |
| refresh_token | string Refresh token. Required if the |
| code | string Authorization code. Required if the |
| use_short_term_refresh | boolean If true, a short-term refresh token is used. Lifetime of the short-term refresh token is the access token lifetime plus 15 minutes. |
| vbr_token | string Veeam Backup & Replication platform service token. |
OK
Bad request. This error is related to POST/PUT requests. The request body is malformed, incomplete or otherwise invalid.
Unauthorized. The authorization header has been expected but not found (or found but is expired).
Forbidden. The user sending the request does not have adequate privileges to access one or more objects specified in the request.
Internal server error. The request has been received but could not be completed because of an internal error at the server side.
- Payload
- curl
- Python
- JavaScript
- C#
- Go
grant_type=password&username=string&password=pa%24%24word&refresh_token=string&code=string&use_short_term_refresh=true&vbr_token=string
- 200
- 400
- 401
- 403
- 500
{- "access_token": "eyJhbGciOiJSUzUxMiIsImtpZCI6IjRFOTE2QjIwMTkzMENEOUFFNDRDMjAwMTlGODdGMkE0RUYyMjczMDMiLCJ0eXAiOiJKV1QifQ.eyJ1bmlxdWVfbmFtZSI6InNoZWlsYS5kLmNvcnkiLCJuYmYiOjE2NDMwMzA2NTgsImV4cCI6MTY0MzAzMTU1OCwiaWF0IjoxNjQzMDMwNjU4LCJhdWQiOiJhY2Nlc3MifQ.PYyLnd-AGcQDiMN6RibL_3D-IzngzGqM0Du0huiEbswyqB9JATF3PJvPPKQn1H27xYEiznDyhAnbs9qZNNXlK0E7yRZbifUat16C1XDCvKFXAkije_44xakcUf5aUeU5YVRyjHa-hTRTkwISj9lBCNf_WdpttkK2stgyRCafrj057ATgUyru6o5gZhTYIS4cioAXmhvLvB7Qrn4X080DHH0-KqYeSQwnQASi1HDuogfkEmxyu8380fbGJiyK4eKGLJ2hmq5DsMmL0BSSzIvUiifLPS5_Ei4-9EOFOv3RlLmk6eQNefaLrkRSsV7QSgGZDLc98zIBlD2yrUccx2cj9A",
- "token_type": "bearer",
- "refresh_token": "eyJhbGciOiJSUzUxMiIsImtpZCI6IjRFOTE2QjIwMTkzMENEOUFFNDRDMjAwMTlGODdGMkE0RUYyMjczMDMiLCJ0eXAiOiJKV1QifQ.eyJ1bmlxdWVfbmFtZSI6InNoZWlsYS5kLmNvcnkiLCJ0b2tlbl9pZCI6IjEwNTA4YWUyLTk0YzctNGRkNi04YzEyLWZjNGY1NDQ1MzM0YSIsInNob3J0X3Rlcm1fZXhwaXJhdGlvbiI6IkZhbHNlIiwibmJmIjoxNjQzMDMwNjU5LCJleHAiOjE2NDQyNDAyNTksImlhdCI6MTY0MzAzMDY1OSwiYXVkIjoicmVmcmVzaCJ9.RXx9xPlpoUuRwO7sTkBTXntpc3vixXc2kgfCPfRcpePdzOGbLqn64c1hCHTGgXPKgZ4ogEY58N2D3xUPd6spAdfbOkF_XwjEEDpxf03rl7LYMo-OXQ0PxVtUCJK3_o6Dfah0YV6IYu5yctvd-_1MKaac7vV5Zl87qhlF8w4e7LT0QPD_Vhp2JUoD3dSTvYw9WvNDqaRotYfaWj05yTB3PArVwSiPDg1oZXSLxROmDDtKf5FFqSgOdp4LxJmD6sYlv_2FQqG-tNwPqRyzKIaqiDDQXBR9MVmFHBl9iUcYOqvX9ZlCa7oPP_txjopks-NcpdyPkSH74hvoeOs3hujW8w",
- "expires_in": 900,
- ".issued": "2022-04-24T14:24:18+01:00",
- ".expires": "2022-04-24T14:39:18+01:00"
}Get Authorization Code
The HTTP POST request to the /api/oauth2/authorization_code path allows you to get an authorization code that is used to obtain an access token. For more information on authorization process, see Requesting Authorization.
header Parameters
| x-api-version required | string Default: 1.1-rev0 Version and revision of the client REST API. Must be in the following format: |
OK
Unauthorized. The authorization header has been expected but not found (or found but is expired).
Forbidden. The user sending the request does not have adequate privileges to access one or more objects specified in the request.
Internal server error. The request has been received but could not be completed because of an internal error at the server side.
- curl
- Python
- JavaScript
- C#
- Go
- 200
- 401
- 403
- 500
{- "code": "AAEAAPcbxUSe0PNKAN+ilV5d4M5Fkv9ONjwRa4hfZYoemxIDA/IHbrjldYbfu1MemydXxGR4KYe5woGq09k+URepuiwUVsg3WbXC179ECOARXmfMH9dFI5H4aiXTotwPvuXLAC2AU4nFSUI2Kr2jlg4Vm8hTEPisaEiOolaVPA5CTzSEribGVaPYwvzyEIn7qy+lLnvGN2dm46W6Q0QJ2dpw1SCI2DZRCRIz+L8Nq804hNwDQJk9TCPJ61ztwF4FM+wO2ToNvMkL6aVay7STpeTRlkFf5i5dAm2qC0a1fcDdkkxt2lwv47t52I2tyZafpdLXs1eb+y7ZnuYQGbDI3epq5GAIAAAAK1kt2wvg2Qg="
}Log Out
The HTTP POST request to the /api/oauth2/logout path allows you to perform the logout operation. After you log out, your access and refresh tokens are expired.
header Parameters
| x-api-version required | string Default: 1.1-rev0 Version and revision of the client REST API. Must be in the following format: |
OK
Unauthorized. The authorization header has been expected but not found (or found but is expired).
Forbidden. The user sending the request does not have adequate privileges to access one or more objects specified in the request.
Internal server error. The request has been received but could not be completed because of an internal error at the server side.
- curl
- Python
- JavaScript
- C#
- Go
- 200
- 401
- 403
- 500
{ }