- About Veeam Recovery Orchestrator REST API
- Overview
- Changelog
- Token
- Mfa
- Clients
- Plans
- getGet Collection of Plans
- getGet Plan Data
- getGet VMs Added to Inventory Group in Plan
- getGet All Groups in Plan
- getGet Parameters Configured for Step in Plan
- getGet Steps Added for VM in Plan
- getGet Steps Added to Virtual Group in Plan
- postEnable Plan
- postDisable Plan
- postHalt Plan
- postRun Permanent Failover
- postFail Back to Source VMs
- postPrepare for Failback
- postSwitchover to Production
- postCommit Failback
- postUndo Plan
- postReset Plan State
- postClear Change Log History for Plan
- postRun Failover
- postRun Restore Plan
- postContinue Plan Execution
- postRun Readiness Check
- delDelete Plan Schedule
- putSchedule Plan to Run at Specific Time
- putSchedule Plan to Run After Another Plan
- postClone Plan
- RecoveryLocations
- RuntimeDetails
- Scopes
- LicenseUsage
To start working with the Orchestrator REST API, users must first authenticate themselves. Orchestrator REST API authorization process is based on the OAuth 2.0 Authorization Framework and involves obtaining an access token and a refresh token.
- Access token is a string that represents authorization issued to the client and that must be used in all requests during the current logon session.
- Refresh token is a string that represents authorization granted to the client and that can be used to obtain a new access token if the current access token expires or becomes lost.
userAuth
To start working with the Orchestrator REST API, users must first authenticate themselves.
A user must provide credentials of an account with the Orchestrator Administrator, Plan Author or Plan Operator privileges. For more information on user authentication, see Authorization and Security.
password /api/tokenclientAuth
The Orchestrator REST API allows various client applications to authenticate themselves using client credentials. This type of credentials helps applications work with the REST API simultaneously and avoid interference from each other. For more information on client authentication, see Working with Clients.
clientCredentials /api/tokenGet Authorization Tokens
The HTTP POST request to the /api/token path retrieves an access token and a refresh token.
Request Body schema: multipart/form-data
| grant_type required | string Default: "password" Authorization type. |
| username | string [Required if the |
| password | string [Required if the |
| client_id | string [Required if the |
| client_secret | string [Required if the |
| refresh_token | string [Required if the |
| mfa_token | string [Required if the |
| mfa_passcode | integer <int32> [Required if the |
OK
Bad request. The request body is malformed, incomplete or otherwise invalid.
Unauthorized request. The authorization header has been expected but not found (or found but expired).
- curl
- Python
- JavaScript
- C#
- Go
- 200
{- "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBEb2UiLCJpYXQiOjE1MTYyMzkwMjJ9.hqWGSaFpvbrXkOWc6lrnffhNWR19W_S1YKFBx2arWBk",
- "token_type": "bearer",
- "refresh_token": "iAtow6zC8+36D/wzn3DFUsgqX/qAZYIG3XPlysUzo4k=",
- "expires_in": "899"
}