Skip to main content

This article applies to Cloud.

Other available versions:

Version 6 | Version 5 | Version 4icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

Code42 API authentication methods

This article applies to Cloud.

Other available versions:

Version 6 | Version 5 | Version 4icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business

Overview

Most requests to the Code42 API must be authenticated. This article describes the available Code42 API authentication methods and provides examples of their use.

The examples in this article use curl, but the concepts apply to other tools that can be used to interact with the Code42 API.

Considerations

The Code42 API documentation viewers are publicly available. You can see them in a browser without signing in. But the API resources themselves only work for you under these conditions:

  • You have a premium or enterprise product plan.
  • Your credentials rely on local authentication. SSO or authentication through any third-party provider will not work.
  • Your role provides permission to access the data necessary to a given API resource. For example, if you do not have permission to change device settings in the administration console, then you don't have permission to change device settings with the API.

The Code42 API and the documentation viewers are built to serve both the Code42 cloud and on-premises Code42 environments.
Customers using the Code42 cloud will see documentation about API resources that to do not apply to the Code42 cloud. For example:

  • Resources for managing LDAP.
  • Resources for managing storage servers.

If your API calls fail because you do not have permission to use them, you will see reply messages like these:

  • HTTP 401 Unauthorized
  • HTTP 401 Could not authenticate user
  • Your Code42 product plan does not permit use of the Code42 API.

Comparison of Code42 API authentication methods

The Code42 API offers the following authentication methods:

  • Basic: You provide your username and password to authenticate each API request.
  • Token: You obtain a temporary authentication token that is good for 30 minutes and use it to authenticate API requests.

The following table describes the advantages and disadvantages of each authentication method:

Authentication method Advantages Disadvantages
Basic Simple to use.
  • Passwords may be saved in the history of your tool.
  • Not allowed for version 3 resources, except for the resource that provides a token.

 

Token
  • Better performance.
  • More secure
    (tokens expire in 30 minutes).

More complex to use.

More authentication alternatives:
For other alternatives, see the curl documentation or use some tool other than curl.

Use basic authentication

Use basic authentication for any version 1 or 4 resource, and version 3's /auth/jwt resource.

To use basic authentication, include your username and password in the API request.

curl -u "username:password" https://www.crashplan.com/api/Computer
Interactive authentication
If you do not want your password to appear in your command history, you can omit the password from the initial API request and enter your password when prompted.

Use token authentication

Use the same /v3/auth/jwt token to request any API resource of any version.

All version 3 resources require token authentication, except the /v3/auth/jwt resource.

Step 1: Get the token

  1. Use basic authentication to get the token with a GET request to auth/jwt.
    curl -u "username:password" https://www.crashplan.com/c42api/v3/auth/jwt?useBody=true
    
    Interactive authentication
    If you do not want your password to appear in your command history, you can omit the password from the initial API request and enter your password when prompted.
  2. From the reply, copy the value of the v3_user_token. In the example below, it is eyJjdHki...txd546Eg
    {"data":{"v3_user_token":"eyJjdHki...txd546Eg"},"error":null,"warnings":null}
    

Step 2: Use the token in API requests

Include that token in API requests. For example:

tkn="eyJjdHki...txd546Eg"
curl --header 'Authorization: v3_user_token '$tkn https://www.crashplan.com:4285/api/User
curl --header 'Authorization: v3_user_token '$tkn https://www.crashplan.com:4285/c42api/v3/org/<organizationID>/user
curl -H 'Authorization: v3_user_token '$tkn https://www.crashplan.com/api/v4/role/view