🚧

Important

If you are a Druva Native Workloads user, see [Getting started with Native Workloads APIs] (https://developer.druva.com/docs/getting-started-with-cloudranger-api-trial)

📘

Tip

You can also take benefit of the Generate Authentication Token API to generate Access Token by providing the Client ID and Secret Key.

OAuth 2.0

Druva supports OAuth 2.0 based authentication for incoming requests. Every use of Druva APIs requires authentication so that Druva can ensure that only authorized users can interact with Druva products.

All the requests to Druva APIs are authenticated using OAuth2 access token which you receive in exchange of every authorization grant request you make.

OAuth Grant Type

Druva supports Grant type as “Client Credentials” of OAuth 2.0 flow.

OAuth Scopes

The Client Credentials have access to all the OAuth Scopes by default.

Access Token

To use Druva APIs, you must send the request with the OAuth access token in the Authorization Header with each API request. Only a valid access token can return a successful API response.

API URLs

Use appropriate URLs in the requests.
Endpoints and Data Governance Cloud - Use https://apis.druva.com
Endpoints and Data Governance GovCloud - Use https://govcloudapis.druva.com

Sample Requests and Responses

Before you begin, you must have the API Credentials, which is a combination of Client ID and Secret Key, for the application or tool which you intend to integrate with the Druva products. API Credentials can be created from the Druva Cloud Platform Console.

If you do not have the API Credentials, you can request your Druva Cloud administrator to provide you the API Credentials. Refer to Integration Workflow for the steps.

Sample API Credentials:

McNkxxxx4Vicxxxx4Ldpxxxx/09Uxxxx

Xmcxxxx8j5xxxx6NxxxxRbRxxxxNNyPt

To generate the Access Token and integrate with Druva APIs:

Step 1: Encode the API Credentials to Base64. To encode the API Credentials to Base64, input the Client ID and Secret Key string separated by a Colon (:) in any Base64 encoding tool.

McNkxxxx4Vicxxxx4Ldpxxxx/09Uxxxx:Xmcxxxx8j5xxxx6NxxxxRbRxxxxNNyPt

TWNxxxxxY2Y0VmljKzRyyyyyZHBkYkx1LzBJzzzzzlg6WG1jZU5Iejh12345NlI0TmtGuQ5SYjBn67890k55UHQ=

Step 2: Obtain the endpoint Access Token using the Base64 encoded API Credentials in the Authorization Header.

curl -X POST -H 'authorization: Basic TWNxxxxxY2Y0VmljKzRyyyy
yZHBkYkx1LzBJzzzzzlg6WG1jZU5Iejh12345NlI0TmtGuQ5SYjBn67890k55UHQ=' -d 'grant_type=client_credentials&scope=read' https://apis.druva.com/token

from oauthlib.oauth2 import BackendApplicationClient
from requests.auth import HTTPBasicAuth
from requests_oauthlib import OAuth2Session


def getToken(clientId,secret):
 auth = HTTPBasicAuth(clientId, secret)
 client = BackendApplicationClient(client_id=clientId)
 oauth = OAuth2Session(client=client)
 token = oauth.fetch_token(token_url='https://apis.druva.com/token', auth=auth)
 return token

{'access_token':'MzcxZjM1MTg0NGVkZxxxxxxhMzg6MTU6MTU1MTc4NDyyyyyyODpBTDdBeTVBezzzzzzLdDzzzzzzdVp3PT0=:PrsU3VzkVg+C123456NxrCgDL6YWJfCVOxxxxxx7fwjsWCpqcvq2snF5NyyyyyyajAHgulItQlUMS1ZtBzzzzzzcWxcAJ8eh1J/Q7X3WEp+dlDmk78xxxxxxZO5ekdq7', 'token_type': 'bearer', 'expires_in': 1800}

Step 3: Make API request using the Access Token:
The example below is a GET request type made for Endpoints and Data Governance API.

curl -X GET -H 'Authorization: Bearer <Access Token>' https://apis.druva.com/insync/usermanagement/v1/users/{userID}