Troubleshooting and FAQs
Troubleshooting common API issues
Issue
You get the following error message:
User is not authorized to access this resource with an explicit deny
Cause
You may get this error due to several reasons:
- You do not have the Cloud Administrator role.
- You invoked the APIs on the incorrect cloud.
Resolution
- Make sure you have the Cloud Administrator role.
- Make sure you invoke the API on the same cloud for which you have generated the authentication token. For example, if you generate token for Mainline cloud, then make sure you are invoking the API on the Mainline cloud, else you will get authentication error. For the base URLs for mainline and gov cloud, see Request and response structure.
Access Token and API Response FAQs
How to generate an Access Token?
To generate an Access Token, perform the following steps:
- Create API Credentials from the Druva Cloud Platform Console.
- Encode the API Credentials to Base64.
- Request and receive Access Token using the Base64 encoded API Credentials.
- Use the Access Token to make API calls.
What is the validity of the Access Token?
A successful authentication generates an access token that is valid as follows:
For Endpoints and Data Governance and Hybrid Workloads Public Cloud: 30 minutes
For Hybrid Workloads Gov Cloud: 30 minutes
For Endpoints and Data Governance Gov Cloud: 15 minutes
Can the validity of the Access Token be modified or extended?
No. The validity of the Access Token cannot be modified or extended.
How do I know if the validity of the Access Token has expired?
An API response with error code 403 is returned if the Access Token has expired.
Is the Access Token common and can be used to access and interact with both, Druva Endpoints and Data Governance and Druva Hybrid Workloads?
Yes. Both Druva Endpoints and Data Governance and Druva Hybrid Workloads use the same authentication method and you can use the common Access Token to access the APIs.
How many records are returned in one API response?
An API response returns a maximum of 4097 records. If the requested API has a response size that is more than 4097 records, a nextPageToken parameter with its corresponding value is returned. To fetch the next set of records, you must use this nextPageToken value in the pageToken parameter of the next API request.
Events API request returns a response that contains a maximum of 500 Endpoints and Data Governance events. If there are more than 500 events, the response also contains a Tracker, an identifier that contains Endpoints and Data Governance database reference and identifies the next set of unique events when a successive Events API call is made.
Security FAQs
Is TLS required even though we are now using OAuth 2.0 based authentication?
Druva recommends using TLS v1.2 for greater security.
Download API Specification
Developers can download the API Specification for a Druva product and consume it offline. We support the export of API specification to OAS 3.0.
To download the API specification just append /openapi to the Druva Developer Portal URL. Select the product to view and download the API specification for the product you are interested in.
https://developer.druva.com/openapi
Important
Druva regularly updates the API specification to add new APIs, query parameters, and API responses. If you are downloading the API specification, ensure you refer to the Druva Developer Portal for the latest API specification regularly.
Updated 16 days ago