Skip to content

Authentication

Cloudmore API uses the Open Authorization (OAuth) 2.0 authorization framework for token-based authentication. OAuth is an open standard that provides secure access to protected resources.

To use the Cloudmore API, you need to request an access token. After you receive an access token, include the access token in the header of all requests to the Cloudmore API.

An access token is valid for 24 hours. Please use the same access token until it is about to expire.

To request an access token, you will need the following:

  1. API secret provided by Cloudmore.
  2. API user username (created in Cloudmore)
  3. API user password (created in Cloudmore)

encode API SECRET

The API access credentials must be encoded into a base64 string when requesting an access token. Most programming languages include functions to encode base64 strings. You can also use online tools to encode text to base64.

You should base64 encode the API access credentials in the format client_id:client_secret.

The clientId is: ro.customer.client

Example of a base64 encoded string: cm7iy4MZeH8tZxIpY3xpZW60OkBsb4VkWGg5cmvPUT2TZWMyMzc=

request Access token

To get an access token from Cloudmore Authentication API, make a request to:

Endpoint: https://api.cloudmore.com/connect/token

Request headers:

Content-Typeapplication/x-www-form-urlencoded
AuthorizationThe text Basic followed by a space and the base64 encoded API secret.
Example: “Basic VGhpc0lzTXlQYXNzd29yZA==”

Request body:

grant_typeThe grant type value for the client credentials grant mechanism. The value must be password&username
and the credentials for the API accounts need to be submitted.
Example: grant_type=password&username={myuser@broker.com}&password={myPassword}&scope=api’
scopeThe scope of the access request. The value must be api.

Example

In the following request the Authorization base64 string and {username} and {password} need to be updated with actual values.

curl -X POST https://api.cloudmore.com/connect/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization: Basic VGhpc0lzTXlQYXNzd29yZA==' \
-d 'grant_type=password&username={username}&password={password}&scope=api'

Example response:

{
 "access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6IkMzRERCQTEzNkU4MzFDN...",
 "expires_in":86400,
 "token_type":"Bearer"
}

The response contains this information:

access_token (string)
The generated access token that is used to authorize your API requests.
To prove your identity, you must include an access token in the header of all requests you make to th
Cloudmore API. Use the token as the value of the Authorization parameter in the API request header.
token_type (string)The type of token generated.
The value is always Bearer.
expires_in (integer)The amount of time until the access token expires, in seconds.
The value is always 86400.

When you make an API request, include your access token in the Authorization header parameter. For example:

curl -X GET https://api.cloudmore.com/api/resellers/{resellerId}/Organizations \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkMzRERCQTEzNkU4MzFDN...'

Access Token Expiration

When you generate an access token, the token is valid for 86400 seconds (24 hours). You can reuse the same token in API requests until it expires, then you must request a new token. If you use an expired token in a request, the
response contains the 401 Unauthorized status code.

Use one of these methods to determine when to request a new access token:

  1. Keep track of the time since you received a token, and request a new token before the number of seconds in the expires_in field for the current token reaches zero.
  2. Request a new token after you receive the 401 Unauthorized status code that indicates the current token is expired.