Logging in using a one-time token
Authenticate to the cloud platform via the Python shell.
The following variables should be available now:
>>> base_url # the base URL of the API '<the data center URL>/api/2' >>> auth # the 'Authorization' header value with the access token {'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'} >>> tenant_id # the UUID of the tenant to which the token provides access 'ede9f834-70b3-476c-83d9-736f9f8c7dae'
Define a variable named
ott_data
, and then assign the one-time token data to this variable:>>> ott_data = { ... "login": "johncustomer@mysite.com", ... "purpose": "user_login", ... }
Name
Value type
Required
Description
login
string
Yes (if
external_id
anduser_id
are not specified)User account login in the cloud platform.
purpose
string
Yes
Purpose of the login. The only available option is
user_login
.external_id
string
Yes (if
login
anduser_id
are not specified)External user account UUID (if the user was registered using available identity provider).
user_id
UUID string
Yes (if
login
andexternal_id
are not specified)User account UUID in the cloud platform.
Convert the
ott_data
object to a JSON text:>>> ott_data = json.dumps(ott_data, indent=4) >>> print(ott_data) { "login": "johncustomer@mysite.com", "purpose": "user_login" }
Send a POST request with the JSON text to the
/idp/ott
endpoint:>>> response = requests.post( ... f'{base_url}/idp/ott', ... headers={'Content-Type': 'application/json', **auth}, ... data=ott_data, ... )
Check the status code of the response:
>>> response.status_code 200
Status code 200 means that the token has been successfully issued.
Note
A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.
Also, the response body contains the one-time token, formatted as a JSON text. When converted to an object, it will look like this:
>>> pprint.pprint(response.json()) {'ott': 'T1RUAQAAAG8-AAAAAAAATxLwKLZ0RMaVZ3GEk4JUMw=='}
Important
A one-time token can be used only once and it is valid for 30 seconds after it was generated.
Store the one-time token in a variable:
>>> ott = response.json()['ott']
Define a variable named
login_data
, and then assign theott
JSON parameter to this variable:>>> login_data = { ... 'ott': ott ... }
>>> response = requests.post( ... f'{base_url}/idp/ott/login', ... headers={'Content-Type': 'application/json'}, ... data=login_data, ... )
Check the status code of the response:
>>> response.status_code 200
Status code 200 means that you have been authorized on behalf of the user account under the
johncustomer@mysite.com
login.Note
A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.
Also, the response body contains the user account information, formatted as a JSON text. When converted to an object, it will look like this:
>>> pprint.pprint(response.json()) {'activated': False, 'business_types': [], 'contact': {'address1': '', 'address2': '', 'city': '', 'country': '', 'email': 'johncustomer@mysite.com', 'firstname': 'John', 'lastname': 'Customer', 'phone': '', 'state': '', 'zipcode': ''}, 'created_at': '2019-08-10T08:00:00.807354+00:00', 'enabled': True, 'id': '2955b448-7df8-43uc-9c63-a21511dbe06d', 'idp_id': '11111111-1111-1111-1111-111111111111', 'language': 'en', 'login': 'johncustomer@mysite.com', 'mfa_status': 'disabled', 'notifications': ['quota', 'reports', 'backup_daily_report'], 'personal_tenant_id': None, 'tenant_id': '2de246a4-1t3e-937c-9e76-5a21bd6492b', 'terms_accepted': True, 'version': 1}