Generating an external login URL
Authenticate to the cloud platform via the Python shell.
The following variables should be available now:
>>> base_url # the base URL of the API '<the data center URL>/api/2' >>> auth # the 'Authorization' header value with the access token {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'} >>> tenant_id # the UUID of the tenant to which the token provides access 'ede9f834-70b3-476c-83d9-736f9f8c7dae'
Define a variable named
ott_data
, and then assign the one-time token data to this variable:>>> ott_data = { ... "login": "johncustomer@mysite.com", ... "purpose": "user_login", ... }
Name
Value type
Required
Description
login
string
Yes (if
external_id
anduser_id
are not specified)User account login in the cloud platform.
purpose
string
Yes
Purpose of the login. The only available option is
user_login
.external_id
string
Yes (if
login
anduser_id
are not specified)External user account UUID (if the user was registered using available identity provider).
user_id
UUID string
Yes (if
login
andexternal_id
are not specified)User account UUID in the cloud platform.
Convert the
ott_data
object to a JSON text:>>> ott_data = json.dumps(ott_data, indent=4) >>> print(ott_data) { "login": "johncustomer@mysite.com", "purpose": "user_login" }
Send a POST request with the JSON text to the
/idp/ott
endpoint:>>> response = requests.post( ... f'{base_url}/idp/ott', ... headers={'Content-Type': 'application/json', **auth}, ... data=ott_data, ... )
Check the status code of the response:
>>> response.status_code 200
Status code 200 means that the token has been successfully issued.
Note
A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.
Also, the response body contains the one-time token, formatted as a JSON text. When converted to an object, it will look like this:
>>> pprint.pprint(response.json()) {'ott': 'T1RUAQAAAG8-AAAAAAAATxLwKLZ0RMaVZ3GEk4JUMw=='}
Important
A one-time token can be used only once and it is valid for 30 seconds after it was generated.
Store the one-time token in a variable:
>>> ott = response.json()['ott']
URL encode the one-time token:
>>> from urllib.parse import quote >>> ott = quote(ott)
Define a variable and store a URL to which the user will be redirected. As an example, the backup console URL will be used:
>>> target_uri = 'https://mc-beta-cloud.acronis.com/bc/'
The external login URL must lead to the
/idp/external-login
endpoint and containott
andtargetURI
as query string parameters. Form the link using the variables above and open it to log in to the service:>>> sso_link = f'{base_url}/idp/external-login#ott={ott}&targetURI={target_uri}' >>> sso_link 'https://mc-beta-cloud.acronis.com/api/2/idp/external-login#ott=T1RUAQAAAG8-AAAAAAAATxLwKLZ0RMaVZ3GEk4JUMw%3D%3D&targetURI=https://mc-beta-cloud.acronis.com/bc/'