Authentication

Each request to an API endpoint must follow Bearer Authentication scheme, unless otherwise stated. This scheme requires specifying a token in the Authorization header of a request. A token is a unique cryptic string generated by the cloud platform. Tokens eliminate the need for passing user account credentials with requests.

Such a token is issued by the /idp/token endpoint provided by the Account Management API v2. To generate a token, refer to “Authenticating to the platform”

For example, a request made via cURL can be as follows:

curl -s https://eu2-cloud.acronis.com/api/policy_management/v4/policies \
    --header "Authorization: Bearer 8770b34b74f9e4d9424eff50c38182bb4ae7f5596582ae61900b1b6a23e3ec58"

If the token specified in the Authorization header is, for example, expired or your account is disabled, the API will respond with a 401 status code and error details.

Important

For security reasons, the token expiration time is set to two hours. After this time, the API will respond with a 401 status code.