Skip to main content

Token authentication

From the example in Quick start, you can see that using the CloudTower API involves two main steps. First, log in to obtain a token used for authentication. Second, include the token in the Authorization header when calling the corresponding API to perform operations. The token obtained in the first step does not have an expiration time and can be used indefinitely. Therefore, for a series of operations, you only need to obtain the token once.

Except for the login request, all requests must include the field for authentication.

CloudTower API authenticates requests by passing the Authorization field in the headers. You can obtain the token as follows using cURL: 
curl -X 'POST'  'http://CLOUDTOWER_ENDPOINT/v2/api/login'  -H 'accept: application/json'  -H 'content-language: en-US'  -H 'Content-Type: application/json'  -d '{
 "username": "string",
 "source": "LOCAL",
 "password": "string"
}'

The following result is obtained:

{
 "task_id": "string",
 "data": {
   "token": "string"
 }
}

After execution, the token for authentication can be found as the data.token field. Include it in header.Authorization.

  • When calling the API with curl, include -H 'Authorization: token-string' in your request.
  • When calling the API from the Swagger API documentation page, click the Authorization button and enter data.token into the value field.