To execute REST APIs securely and efficiently, you can create an access token in the Command Center. While creating an access token, you must provide a display name, expiration date or renewable period, and scope. Along with the access token a refresh token is also created. Use the refresh token to renew the access token after it expires.
Important
-
An access token functions like a password.
-
You must save both the access token and refresh token for your records and not share it with others.
-
If you lose the tokens, they cannot be retrieved.
After creating an access token, you can use it in your API requests as a Bearer Token.
Procedure
-
From the navigation pane, go to Manage > Security.
The Security page appears.
-
Click the Users tile.
The Users page appears.
-
In the User name column, click your user name.
The user page appears.
-
On the Access tokens tab, click Add token.
The Add token dialog box appears.
-
Enter the token's name, expiry date, and scope.
By default, an access token expires after 30 minutes by default, and the scope is set to All including all api.commvault.com endpoints.
-
To set a different scope, from the Scope list, select one of the following:
-
Microsoft SCIM: Executes Microsoft Azure SCIM protocol REST APIs.
-
1-Touch recovery: Executes the following 1-Touch APIs:
-
/Client
-
/MediaAgent
-
/ClientGroup
-
/V4/ServerGroup
-
/FirewallSummary
-
-
Custom: Executes specific APIs (for example, /Subclient).
Note
To list multiple endpoints, enter each endpoint on a new line.
-
-
-
Click SUBMIT.
An access token and a refresh token appear.
-
Copy and save the tokens.
Results
-
The access token is valid for 30 minutes.
-
After thirty minutes, use the Refresh token API to refresh the token according to the following rule:
- For scopes All and Custom, by default, you can renew the token multiple times until 90 days after creation. However, you can extend the time for multiple token renewals until 365 days by modifying the access token.