Logging in using a one-time token

  1. Authenticate to the cloud platform via the Python shell.

    The following variables should be available now:

    >>> base_url  # the base URL of the API
    'https://eu2-cloud.acronis.com/api/2'
    >>> auth  # the 'Authorization' header value with the access token
    {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'}
    >>> tenant_id  # the UUID of the tenant to which the token provides access
    'ede9f834-70b3-476c-83d9-736f9f8c7dae'
    
  2. Define a variable named ott_data, and then assign the one-time token data to this variable:

    >>> ott_data = {
    ...     "login": "johncustomer@mysite.com",
    ...     "purpose": "user_login",
    ... }
    

    Name

    Value type

    Required

    Description

    login

    string

    Yes (if external_id and user_id are not specified)

    User account login in the cloud platform.

    purpose

    string

    Yes

    Purpose of the login. The only available option is user_login.

    external_id

    string

    Yes (if login and user_id are not specified)

    External user account UUID (if the user was registered using available identity provider).

    user_id

    UUID string

    Yes (if login and external_id are not specified)

    User account UUID in the cloud platform.

  3. Convert the ott_data object to a JSON text:

    >>> ott_data = json.dumps(ott_data, indent=4)
    >>> print(ott_data)
    {
        "login": "johncustomer@mysite.com",
        "purpose": "user_login"
    }
    
  4. Send a POST request with the JSON text to the /idp/ott endpoint:

    >>> response = requests.post(
    ...     f'{base_url}/idp/ott',
    ...     headers={'Content-Type': 'application/json', **auth},
    ...     data=ott_data,
    ... )
    
  5. Check the status code of the response:

    >>> response.status_code
    200
    

    Status code 200 means that the token has been successfully issued.

    A different status code means that an error has occurred. For the details, refer to “Status and error codes”.

    Also, the response body contains the one-time token formatted as a JSON text. When converted to an object, it will look as follows:

    >>> pprint.pprint(response.json())
    {'ott': 'T1RUAQAAAG8-AAAAAAAATxLwKLZ0RMaVZ3GEk4JUMw=='}
    

    Important

    A one-time token can be used only once and it is valid for 30 seconds after it was generated.

  6. Store the one-time token in a variable:

    >>> ott = response.json()['ott']
    
  7. Define a variable named login_data, and then assign the ott JSON parameter to this variable:

    >>> login_data = {
    ...     'ott': ott
    ... }
    
  8. >>> response = requests.post(
    ...     f'{base_url}/idp/ott/login',
    ...     headers={'Content-Type': 'application/json'},
    ...     data=login_data,
    ... )
    
  9. Check the status code of the response:

    >>> response.status_code
    200
    

    Status code 200 means that you have been authorized on behalf of the user account under the johncustomer@mysite.com login.

    A different status code means that an error has occurred. For the details, refer to “Status and error codes”.

    Also, the response body contains the user account information formatted as a JSON text. When converted to an object, it will look as follows:

    >>> pprint.pprint(response.json())
    {'activated': False,
     'business_types': [],
     'contact': {'address1': '',
                 'address2': '',
                 'city': '',
                 'country': '',
                 'email': 'johncustomer@mysite.com',
                 'firstname': 'John',
                 'lastname': 'Customer',
                 'phone': '',
                 'state': '',
                 'zipcode': ''},
     'created_at': '2019-08-10T08:00:00.807354+00:00',
     'enabled': True,
     'id': '2955b448-7df8-43uc-9c63-a21511dbe06d',
     'idp_id': '11111111-1111-1111-1111-111111111111',
     'language': 'en',
     'login': 'johncustomer@mysite.com',
     'mfa_status': 'disabled',
     'notifications': ['quota', 'reports', 'backup_daily_report'],
     'personal_tenant_id': None,
     'tenant_id': '2de246a4-1t3e-937c-9e76-5a21bd6492b',
     'terms_accepted': True,
     'version': 1}