API Explorer
API Explorer
Getting Started
Recovery and Reuse Management
Authentication and Authorization
Application Data Management
Asset Management
Compliance
Asset Metadata
Secrets Manager
Cloud Disaster Recovery
Copy Management
Appliance Management
Telemetry Setting
Credentials Management
Storage Management
Discovery
Monitoring
File Level Restore
User Security Management
Inventory Source Management
Licenses Management
Location Management
Log Management
Virtual Machine Data Management
Protection Policies
Remote Service
Search Clusters
Server Disaster Recovery
Upgrade
Whitelist Management

Authentication and authorization

In this tutorial, you can learn about authentication and authorization in PowerProtect Data Manager.

Authentication

Authenticate using username and password

PowerProtect Data Manager supports authentication with the username and password that is:

  • Created during the PowerProtect Data Manager installation process
  • Updated from the PowerProtect Data Manager Administration > Users page
curl --request POST \
  --url https://<your-ppdm-server>:8443/api/v2/login \
  --header 'content-type: application/json' \
  --data '{"username":"<your-user-name>","password":"<your-password>"}'

Sample response:

{
    "access_token": "<access-token>",
    "token_type": "Bearer",
    "expires_in": 28800,
    "jti": "fe9d7333-758c-421c-90f4-fa96caa4ee7d",
    "scope": "aaa",
    "refresh_token": "<refresh-token>"
}

Role based authorization control

In PowerProtect Data Manager, three roles are defined:

  • Admin - The most privileged role
  • User - Includes most view operations but not management operations
  • Export and Recovery Admin - Provides limited view privilege, but has export and recovery privilege

Each API will be shown with role names. For example, if an API is marked as:

This endpoint supports execution by the following roles: admin,user

Then only those accounts with role Admin or User can be run.