Authentication
Important
If you are a Druva Native Workloads user, see [Getting started with Native Workloads APIs] (https://developer.druva.com/docs/getting-started-with-cloudranger-api-trial)
Tip
You can also take benefit of the Generate Authentication Token API to generate Access Token by providing the Client ID and Secret Key.
OAuth 2.0
Druva supports OAuth 2.0 based authentication for incoming requests. Every use of Druva APIs requires authentication so that Druva can ensure that only authorized users can interact with Druva products.
All the requests to Druva APIs are authenticated using OAuth2 access token which you receive in exchange of every authorization grant request you make.
OAuth Grant Type
Druva supports Grant type as “Client Credentials” of OAuth 2.0 flow.
OAuth Scopes
The Client Credentials have access to all the OAuth Scopes by default.
Access Token
To use Druva APIs, you must send the request with the OAuth access token in the Authorization Header with each API request. Only a valid access token can return a successful API response.
API URLs
Use appropriate URLs in the requests.
Enterprise Workloads, Endpoints and Data Governance Cloud - Use https://apis.druva.com
Endpoints and Data Governance GovCloud - Use https://govcloudapis.druva.com
Enterprise Workloads GovCloud - https://govapis.druva.com/
Important
Make sure you invoke the API on the same cloud for which you have generated the authentication token. For example, if you generate token for Mainline cloud, then make sure you are invoking the API on the Mainline cloud, else you will get the following authentication error:
User is not authorized to access this resource with an explicit denyFor base URLs for mainline and gov cloud, see Request and response structure.
Sample Requests and Responses
Before you begin, you must have the API Credentials, which is a combination of Client ID and Secret Key, for the application or tool which you intend to integrate with the Druva products. API Credentials can be created from the Druva Cloud Platform Console.
If you do not have the API Credentials, you can request your Druva Cloud administrator to provide you the API Credentials. Refer to Integration Workflow for the steps.
Sample API Credentials:
McNkxxxx4Vicxxxx4Ldpxxxx/09Uxxxx
Xmcxxxx8j5xxxx6NxxxxRbRxxxxNNyPt
To generate the Access Token and integrate with Druva APIs:
Step 1: Encode the API Credentials to Base64. To encode the API Credentials to Base64, input the Client ID and Secret Key string separated by a Colon (:) in any Base64 encoding tool.
McNkxxxx4Vicxxxx4Ldpxxxx/09Uxxxx:Xmcxxxx8j5xxxx6NxxxxRbRxxxxNNyPt
TWNxxxxxY2Y0VmljKzRyyyyyZHBkYkx1LzBJzzzzzlg6WG1jZU5Iejh12345NlI0TmtGuQ5SYjBn67890k55UHQ=
Step 2: Obtain the endpoint Access Token using the Base64 encoded API Credentials in the Authorization Header.
curl -X POST -H 'authorization: Basic TWNxxxxxY2Y0VmljKzRyyyy
yZHBkYkx1LzBJzzzzzlg6WG1jZU5Iejh12345NlI0TmtGuQ5SYjBn67890k55UHQ=' -d 'grant_type=client_credentials&scope=read' https://apis.druva.com/token
from oauthlib.oauth2 import BackendApplicationClient
from requests.auth import HTTPBasicAuth
from requests_oauthlib import OAuth2Session
def getToken(clientId,secret):
auth = HTTPBasicAuth(clientId, secret)
client = BackendApplicationClient(client_id=clientId)
oauth = OAuth2Session(client=client)
token = oauth.fetch_token(token_url='https://apis.druva.com/token', auth=auth)
return token
{'access_token':'MzcxZjM1MTg0NGVkZxxxxxxhMzg6MTU6MTU1MTc4NDyyyyyyODpBTDdBeTVBezzzzzzLdDzzzzzzdVp3PT0=:PrsU3VzkVg+C123456NxrCgDL6YWJfCVOxxxxxx7fwjsWCpqcvq2snF5NyyyyyyajAHgulItQlUMS1ZtBzzzzzzcWxcAJ8eh1J/Q7X3WEp+dlDmk78xxxxxxZO5ekdq7', 'token_type': 'bearer', 'expires_in': 1800}
Step 3: Make API request using the Access Token:
The example below is a GET request type made for Endpoints and Data Governance API.
curl -X GET -H 'Authorization: Bearer <Access Token>' https://apis.druva.com/insync/usermanagement/v1/users/{userID}
Updated 16 days ago