Gets Access Token

Gets the access token to authenticate with Cloud Backup for IaaS + PaaS Public API. To get the access token, specify the following attributes:

Element	Description
identityServiceUrl	For Commercial environment, use: `https://identity.avepointonlineservices.com` For U.S. Government environment, use:`https://identity-gov.avepointonlineservices.com`
clientId	Specifies the application (client) ID of the app you registered through AvePoint Online Services > Administration > App registrations.
scope	Specifies the permission that has been granted to the app. For Cloud Backup for IaaS + PaaS, the value is platformbackup.readwrite.all.
certificateThumbprint	The thumbprint of the corresponding .pfx certificate file of the .cer certificate you used when registering the app.
TokenLifetimeInMinutes	Specifies an expiration time for the retrieved token. The unit of time is Minute.

Example

Var **identityServiceUrl** = “{https://identity.avepointonlineservices.com}”;

var client = new HttpClient();

var disco = await client.GetDiscoveryDocumentAsync(identityServiceUrl);

if (disco.IsError)

{

return;

}

var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest

{

Address = disco.TokenEndpoint,

ClientAssertion = new ClientAssertion()

{

        Type = OidcConstants.ClientAssertionTypes.JwtBearer,

        Value = CreateClientAuthJwt(disco)

},

**Scope** = “platformbackup.readwrite.all”,

}

if (tokenResponse.IsError)

{   

return;

}

return  tokenResponse.Json

private static string CreateClientAuthJwt(DiscoveryDocumentResponse response)

        {

            var **clientId** = “{Client ID}”;

            var **certificateThumbprint** = “{Certificate Thumbprint}”;

 

            // Sets the token to expire in 5 minutes.

            var tokenHandler = new JwtSecurityTokenHandler { **TokenLifetimeInMinutes** = 5 };

 

            var securityToken = tokenHandler.CreateJwtSecurityToken(

                issuer: clientId,

                audience: response.TokenEndpoint,

                subject: new ClaimsIdentity(

                  new List<Claim> { new Claim(“sub”, clientId),

                  new Claim(“jti”, Guid.NewGuid().ToString())}),

                signingCredentials: new SigningCredentials(

                  new X509SecurityKey(new X509Certificate2(LoadCertificate(certificateThumbprint))), “RS256”)

            );

            return tokenHandler.WriteToken(securityToken);

        }

private static X509Certificate2 LoadCertificate(string certificateThumbprint)

        {

            var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

            store.Open(OpenFlags.ReadOnly);

            var vCloudCertificate = store.Certificates.Find(

                    X509FindType.FindByThumbprint,

                    certificateThumbprint,

                    false)[0];

            return vCloudCertificate;

        }

On this page

VMs

Enable Backup for Azure Virtual Machines, Azure Storage, Azure SQL, and VMware

Enable Backup for Microsoft Entra ID or Admin Portal Settings

Enable Backup for Amazon EC2 Instances or AWS Platform Configurations

Enable Backup for Azure DevOps

Enable Backup for Azure AD B2C

Enable Backup for Google VM Instances or Google Cloud Storage

Enable Backup for SQL Server

Enable Replication (Private Preview)

Install a CAP Gateway

Use the Compare Method

Azure Virtual Machines

Amazon EC2

Google VM Instances

Microsoft Entra ID

Azure Storage

Azure AD B2C

Test Failover and Run Failover

Gets Access Token

Example

#Gets Access Token

#Example

Gets Access Token

Example