Who is this article for?
Incydr Professional and Enterprise, yes.
Incydr Basic and Advanced, yes.
CrashPlan Cloud, yes.
Other product plans, yes.
CrashPlan for Small Business, no.
This article applies to Code42 cloud environments.
Other available versions:
Most requests to the Code42 API must be authenticated. This article describes the available Code42 API authentication methods and provides examples of their use.
The examples in this article use curl, but the concepts apply to other tools that can be used to interact with the Code42 API.
In addition, the examples in this article use resource https://console.us.code42.com, but the resource you use depends on your Code42 cloud address:
- United States:
Code42 console URL console.us2.crashplan.com was formerly www.crashplan.com/console. For more information, see Changes to server URLs.
This article applies to non-Incydr product plans. If you have an Incydr product plan, see the Code42 Developer Portal for API documentation and resources. The portal provides:
Code42 API documentation is publicly available on the Code42 Developer Portal. You can see it in a browser without signing in. But the API resources themselves only work for you under these conditions:
- You have a product plan that includes access to the Code42 API.
- Your credentials rely on local authentication. SSO or authentication through any third-party provider will not work.
- Your role provides permission to access the data necessary to a given API resource. For example, if you do not have permission to change device settings in the Code42 console, then you don't have permission to change device settings with the API.
If your API calls fail because you do not have permission to use them, you will see reply messages like these:
- HTTP 401 Unauthorized
- HTTP 401 Could not authenticate user
- Your Code42 product plan does not permit use of the Code42 API.
Comparison of Code42 API authentication methods
The Code42 API offers the following authentication methods:
- Basic: You provide your username and password to authenticate each API request.
- Token: You obtain a temporary authentication token that is good for 30 minutes and use it to authenticate API requests. Token authentication is required if your organization uses two-factor authentication for local users. If two-factor authentication is not enabled, you have the choice to use token authentication for any API request.
The following table describes the advantages and disadvantages of each authentication method:
|Basic||Simple to use.||
More complex to use.
Use basic authentication
Use basic authentication for any version 1 or 4 and later resource, and version 3's /auth/jwt resource. To use basic authentication, include your Code42 username in the API request and supply your password when prompted.
curl -u "username" https://console.us.code42.com/api/Computer
Use token authentication
Use the same /v3/auth/jwt token to request any API resource of any version.
All version 3 resources require token authentication, except the /v3/auth/jwt resource.
Step 1: Get the token
- Include your Code42 username in a GET request to auth/jwt and supply your password when prompted.
curl -u "username" https://console.us.code42.com/c42api/v3/auth/jwt?useBody=trueAuthentication cookies are not supported
You must include the
?useBody=truequery parameter in the
auth/jwtrequest to return the token in the response body. Omitting the
?useBody=truequery parameter or using
?useBody=falseresults in the token being returned in an authentication cookie, which is not supported by the Code42 API. Include the returned token in subsequent API requests using the authorization header with the
Bearerscheme, for example,
-H 'authorization: Bearer
If your organization uses two-factor authentication for local users, you must also include a totp-auth header value containing the six- to eight-digit Time-based One-Time Password (TOTP) supplied by the Google Authenticator mobile app. (Sending the request without the TOTP displays the error message
TIME_BASED_ONE_TIME_PASSWORD_REQUIRED.) The example below includes a TOTP value of 424242.Copied!
curl -u "username" -H "totp-auth: 424242" https://console.us.code42.com/c42api/v3/auth/jwt?useBody=true
- From the reply, copy the value of the v3_user_token. In the example below, it is
Step 2: Use the token in API requests
Include that token in API requests. For example:
tkn="eyJjdHki...txd546Eg" curl --header 'Authorization: Bearer '$tkn https://console.us.code42.com/api/User curl --header 'Authorization: Bearer '$tkn https://console.us.code42.com/c42api/v3/org/<organizationID>/user curl -H 'Authorization: Bearer '$tkn https://console.us.code42.com/api/v4/role/view