Logging in using a one-time token

Authenticate to the cloud platform via the Python shell.

The following variables should be available now:

>>> base_url  # the base URL of the API
'<the data center URL>/api/2'
>>> auth  # the 'Authorization' header value with the access token
{'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImMwMD...'}
>>> tenant_id  # the UUID of the tenant to which the token provides access
'ede9f834-70b3-476c-83d9-736f9f8c7dae'

Define a variable named ott_data, and then assign the one-time token data to this variable:

>>> ott_data = {
...     "login": "johncustomer@mysite.com",
...     "purpose": "user_login",
... }

Name	Value type	Required	Description
`login`	string	Yes (if `external_id` and `user_id` are not specified)	User account login in the cloud platform.
`purpose`	string	Yes	Purpose of the login. The only available option is `user_login`.
`external_id`	string	Yes (if `login` and `user_id` are not specified)	External user account UUID (if the user was registered using available identity provider).
`user_id`	UUID string	Yes (if `login` and `external_id` are not specified)	User account UUID in the cloud platform.

Convert the ott_data object to a JSON text:

>>> ott_data = json.dumps(ott_data, indent=4)
>>> print(ott_data)
{
    "login": "johncustomer@mysite.com",
    "purpose": "user_login"
}

Send a POST request with the JSON text to the /idp/ott endpoint:

>>> response = requests.post(
...     f'{base_url}/idp/ott',
...     headers={'Content-Type': 'application/json', **auth},
...     data=ott_data,
... )

Check the status code of the response:
```
>>> response.status_code
200
```
Status code 200 means that the token has been successfully issued.

Note

A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.

Also, the response body contains the one-time token, formatted as a JSON text. When converted to an object, it will look like this:
```
>>> pprint.pprint(response.json())
{'ott': 'T1RUAQAAAG8-AAAAAAAATxLwKLZ0RMaVZ3GEk4JUMw=='}
```
Important

A one-time token can be used only once and it is valid for 30 seconds after it was generated.
Store the one-time token in a variable:
```
>>> ott = response.json()['ott']
```
Define a variable named login_data, and then assign the ott JSON parameter to this variable:
```
>>> login_data = {
...     'ott': ott
... }
```

>>> response = requests.post(
...     f'{base_url}/idp/ott/login',
...     headers={'Content-Type': 'application/json'},
...     data=login_data,
... )

Check the status code of the response:

>>> response.status_code
200

Status code 200 means that you have been authorized on behalf of the user account under the johncustomer@mysite.com login.

Note

A different status code means that an error has occurred. For details of the error, see HTTP status response codes and API error codes.

Also, the response body contains the user account information, formatted as a JSON text. When converted to an object, it will look like this:

>>> pprint.pprint(response.json())
{'activated': False,
 'business_types': [],
 'contact': {'address1': '',
             'address2': '',
             'city': '',
             'country': '',
             'email': 'johncustomer@mysite.com',
             'firstname': 'John',
             'lastname': 'Customer',
             'phone': '',
             'state': '',
             'zipcode': ''},
 'created_at': '2019-08-10T08:00:00.807354+00:00',
 'enabled': True,
 'id': '2955b448-7df8-43uc-9c63-a21511dbe06d',
 'idp_id': '11111111-1111-1111-1111-111111111111',
 'language': 'en',
 'login': 'johncustomer@mysite.com',
 'mfa_status': 'disabled',
 'notifications': ['quota', 'reports', 'backup_daily_report'],
 'personal_tenant_id': None,
 'tenant_id': '2de246a4-1t3e-937c-9e76-5a21bd6492b',
 'terms_accepted': True,
 'version': 1}