Skip to main content
Code42 Support

Code42 API Authentication Methods

Applies to:
  • CrashPlan PROe


Every request to the Code42 API must be authenticated. This article describes the available Code42 API authentication methods and provides examples of their use.

The examples in this article use curl, but the concepts apply to other tools that can be used to interact with the Code42 API.

Comparison of Code42 API authentication methods

The Code42 API offers the following authentication methods:

  • Basic: You provide your username and password to authenticate each API request.
  • Token: You obtain a temporary authentication token that is good for 30 minutes and use it to authenticate API requests.

The following table describes the advantages and disadvantages of each authentication method:

Authentication Method Advantages Disadvantages
Basic Simple to use Passwords may be saved in the history of your tool
  • Better performance
  • Better security (tokens expire in 30 minutes)
More complex to use

Using basic authentication

To use basic authentication, include your username and password in the API request.

curl -X GET -u "username:password"
Interactive authentication
If you do not want your password to appear in your command history, you can omit the password from the initial API request and enter your password when prompted.

Using token authentication

You can use a token to authenticate API requests instead of a username and password. Token authentication offers better performance than basic authentication, and does not require entering your password each time. Tokens expire in 30 minutes.

Step 1: Get the token

  1. Use basic authentication to get the token by sending a POST to the authToken resource:
    curl -X POST -u "username:password" | python -m json.tool
  2. In the output of the API request, locate the two authentication tokens in the data element:
        "data": [
        "metadata": {
            "params": {},
            "timestamp": "2015-03-30T16:50:02.115-05:00"

Step 2: Use the token to authenticate subsequent API requests

Make an API request that uses the token by including --header "Authorization: token <token1>-<token2>" in the request:

curl -X GET --header "Authorization: token 05oteh6q894290b6vucyuk5tl7-1c6r5o1nbb6y60h4t1axft06pn"