AvePoint Docs
Graph API
My support tickets
Graph API
My support tickets
English

Home > Use Public APIs for Job Information > Gets Access Token

Export to PDF

Gets Access Token

Gets the access token to authenticate with Cloud Backup for IaaS + PaaS Public API. To get the access token, specify the following attributes:

ElementDescription
identityServiceUrlFor Commercial environment, use: https://identity.avepointonlineservices.com For U.S. Government environment, use:https://identity-gov.avepointonlineservices.com
clientIdSpecifies the application (client) ID of the app you registered through AvePoint Online Services > Administration > App registrations.
scopeSpecifies the permission that has been granted to the app. For Cloud Backup for IaaS + PaaS, the value is platformbackup.readwrite.all.
certificateThumbprintThe thumbprint of the corresponding .pfx certificate file of the .cer certificate you used when registering the app.
TokenLifetimeInMinutesSpecifies an expiration time for the retrieved token. The unit of time is Minute.

Example

Var identityServiceUrl = “{https://identity.avepointonlineservices.com}”;

var client = new HttpClient();

var disco = await client.GetDiscoveryDocumentAsync(identityServiceUrl);

if (disco.IsError)

{

return;

}

var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest

{

Address = disco.TokenEndpoint,

ClientAssertion = new ClientAssertion()

{

        Type = OidcConstants.ClientAssertionTypes.JwtBearer,

        Value = CreateClientAuthJwt(disco)

},

Scope = “platformbackup.readwrite.all”,

}

if (tokenResponse.IsError)

{   

return;

}

return  tokenResponse.Json

private static string CreateClientAuthJwt(DiscoveryDocumentResponse response)

        {

            var clientId = “{Client ID}”;

            var certificateThumbprint = “{Certificate Thumbprint}”;

 

            // Sets the token to expire in 5 minutes.

            var tokenHandler = new JwtSecurityTokenHandler { TokenLifetimeInMinutes = 5 };

 

            var securityToken = tokenHandler.CreateJwtSecurityToken(

                issuer: clientId,

                audience: response.TokenEndpoint,

                subject: new ClaimsIdentity(

                  new List { new Claim(“sub”, clientId),

                  new Claim(“jti”, Guid.NewGuid().ToString())}),

                signingCredentials: new SigningCredentials(

                  new X509SecurityKey(new X509Certificate2(LoadCertificate(certificateThumbprint))), “RS256”)

            );

            return tokenHandler.WriteToken(securityToken);

        }

private static X509Certificate2 LoadCertificate(string certificateThumbprint)

        {

            var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);

            store.Open(OpenFlags.ReadOnly);

            var vCloudCertificate = store.Certificates.Find(

                    X509FindType.FindByThumbprint,

                    certificateThumbprint,

                    false)[0];

            return vCloudCertificate;

        }

On this page