Each request to an API endpoint must follow Bearer Authentication scheme, unless otherwise stated. This scheme requires specifying a token in the Authorization header of a request. A token is a unique cryptic string generated by the cloud platform. Tokens eliminate the need for passing user account credentials with requests.

Such a token is issued by the /api/2/idp/token endpoint provided by the Account Management API v2. Notary API works with tokens issued with the password grant type that requires only username and password credentials. To generate a token, refer to “Accessing the API

For example, a request made via cURL can be as follows:

curl -s \
    --header "Authorization: Bearer 8770b34b74f9e4d9424eff50c38182bb4ae7f5596582ae61900b1b6a23e3ec58"

If the token specified in the Authorization header is, for example, expired or your account is disabled, the API will respond with a 401 status code and error details.


For security reasons, the token expiration time is set to two hours. After this time, the API will respond with a 401 status code.