Access Token and API Response FAQs

How to generate an Access Token?
To generate an Access Token, perform the following steps:

  1. Create API Credentials from the Druva Cloud Platform Console.
  2. Encode the API Credentials to Base64.
  3. Request and receive Access Token using the Base64 encoded API Credentials.
  4. Use the Access Token to make API calls.

What is the validity of the Access Token?
A successful authentication generates an access token that is valid as follows:

For Endpoints and Data Governance and Hybrid Workloads Public Cloud: 30 minutes

For Hybrid Workloads Gov Cloud: 30 minutes

For Endpoints and Data Governance Gov Cloud: 15 minutes

Can the validity of the Access Token be modified or extended?
No. The validity of the Access Token cannot be modified or extended.

How do I know if the validity of the Access Token has expired?
An API response with error code 403 is returned if the Access Token has expired.

Is the Access Token common and can be used to access and interact with both, Druva Endpoints and Data Governance and Druva Hybrid Workloads?
Yes. Both Druva Endpoints and Data Governance and Druva Hybrid Workloads use the same authentication method and you can use the common Access Token to access the APIs.

How many records are returned in one API response?
An API response returns a maximum of 4097 records. If the requested API has a response size that is more than 4097 records, a nextPageToken parameter with its corresponding value is returned. To fetch the next set of records, you must use this nextPageToken value in the pageToken parameter of the next API request.

Events API request returns a response that contains a maximum of 500 Endpoints and Data Governance events. If there are more than 500 events, the response also contains a Tracker, an identifier that contains Endpoints and Data Governance database reference and identifies the next set of unique events when a successive Events API call is made.

Security FAQs

Is TLS required even though we are now using OAuth 2.0 based authentication?
Druva recommends using TLS v1.2 for greater security.

Download API Specification

Developers can download the API Specification for a Druva product and consume it offline. We support the export of API specification to OAS 3.0.

To download the API specification just append /openapi to the Druva Developer Portal URL. Select the product to view and download the API specification for the product you are interested in.



Druva regularly updates the API specification to add new APIs, query parameters, and API responses. If you are downloading the API specification, ensure you refer to the Druva Developer Portal for the latest API specification regularly.