API Explorer
API Explorer
Getting Started
Appliance Management
Application Data Management
Asset Management
Asset Metadata
Authentication and Authorization
Cloud Disaster Recovery
Compliance
Copy Management
Credentials Management
Discovery
File Level Restore
Inventory Source Management
Licenses Management
Location Management
Log Management
Monitoring
Protection Policies
Recovery and Reuse Management
Remote Service
Search Clusters
Secrets Manager
Server Disaster Recovery
Storage Management
Telemetry Setting
Upgrade
User Security Management
Virtual Machine Data Management
Whitelist Management

Authentication and authorization

In this tutorial, you can learn about authentication and authorization in PowerProtect Data Manager.

Authentication

Authenticate using username and password

PowerProtect Data Manager supports authentication with the username and password that is:

  • Created during the PowerProtect Data Manager installation process
  • Updated from the PowerProtect Data Manager Administration > Users page
curl --request POST \
  --url https://<your-ppdm-server>:8443/api/v2/login \
  --header 'content-type: application/json' \
  --data '{"username":"<your-user-name>","password":"<your-password>"}'

Sample response:

{
    "access_token": "<access-token>",
    "token_type": "Bearer",
    "expires_in": 28800,
    "jti": "fe9d7333-758c-421c-90f4-fa96caa4ee7d",
    "scope": "aaa",
    "refresh_token": "<refresh-token>"
}

Role based authorization control

In PowerProtect Data Manager, three roles are defined:

  • Admin - The most privileged role
  • User - Includes most view operations but not management operations
  • Export and Recovery Admin - Provides limited view privilege, but has export and recovery privilege

Each API will be shown with role names. For example, if an API is marked as:

This endpoint supports execution by the following roles: admin,user

Then only those accounts with role Admin or User can be run.