API Explorer
API Explorer
What's New
Appliance Management
Application Data Management
Asset Management
Asset Metadata
Authentication and Authorization
Cloud Disaster Recovery
Copy Management
Credentials Management
File Level Restore
Inventory Source Management
Kubernetes Data Management
Licenses Management
Location Management
Log Management
Protection Policies
Recovery and Reuse Management
Remote Service
Search Clusters
Secrets Manager
Server Disaster Recovery
Storage Management
Telemetry Setting
User Security Management
Virtual Machine Data Management
Whitelist Management

Authentication and authorization

In this tutorial, you can learn about authentication and authorization in PowerProtect Data Manager.


Authenticate using username and password

PowerProtect Data Manager supports authentication with the username and password that is:

  • Created during the PowerProtect Data Manager installation process
  • Updated from the PowerProtect Data Manager Administration > Users page
curl --request POST \
  --url https://<your-ppdm-server>:8443/api/v2/login \
  --header 'content-type: application/json' \
  --data '{"username":"<your-user-name>","password":"<your-password>"}'

Sample response:

    "access_token": "<access-token>",
    "token_type": "Bearer",
    "expires_in": 28800,
    "jti": "fe9d7333-758c-421c-90f4-fa96caa4ee7d",
    "scope": "aaa",
    "refresh_token": "<refresh-token>"

Role based authorization control

In PowerProtect Data Manager, three roles are defined:

  • Admin - The most privileged role
  • User - Includes most view operations but not management operations
  • Export and Recovery Admin - Provides limited view privilege, but has export and recovery privilege

Each API will be shown with role names. For example, if an API is marked as:

This endpoint supports execution by the following roles: admin,user

Then only those accounts with role Admin or User can be run.