Skip to main content

Creating API credentials

Abstract

Learn how to create CloudConnexa API credentials, generate OAuth 2.0 access tokens, and authenticate API requests using the client_credentials flow.

CloudConnexa API credentials allow you to authenticate and make requests to the CloudConnexa API. After creating credentials, you use them to request an OAuth 2.0 access token, which is required for all API calls.

Before you begin

Ensure you have:

  • Access to the CloudConnexa Administration portal.

Create credentials in the Administration portal

  1. From the CloudConnexa Administration portal, navigate to API & Logs → API .

  2. Click Create Credentials.

  3. Enter a name for the credentials.

  4. Select a lifetime (two weeks, one month, six months, or one year).

  5. (Optional) Restrict access by specifying allowed IP subnet ranges.

  6. Select the permissions (read-only and/or modify access to resources).

  7. Click Create.

    • The API credentials are created, and the client ID and client secret are displayed. If this is your first set of API credentials, API access is enabled automatically.

Save your credentials

Important

Copy and securely store the following:

  • Public API Client ID

  • Public API Client Secret

You won't be able to view the client secret again once you leave the page.

Request an Access Token

Use your client ID and client secret to request an OAuth 2.0 access token using the client_credentials grant type.

Tip

You can also obtain an access token using the API endpoint. Refer to Request OAuth token.

Request Format

Use the following curl command to obtain an access token:

curl -X POST --location "https://{cloud_id}.api.openvpn.com/api/v1/oauth/token?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials" --http1.1

Replace:

  • {cloud_id} with your CloudConnexa Cloud ID.

  • {client_id} with the full Public API Client ID, including the prefix.

  • {client_secret} with the Public API Client Secret.

Example Response

If the request is successful, the API will respond with a JSON object containing your access_token:

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOi...",
  "token_type": "bearer",
  "expires_in": 43199,
  "scope": "read write"
}

Use the access token

Include the access token in the Authorization header for all API requests:

Authorization: Bearer <access_token>

Token behavior

  • The access_token is valid for the number of seconds specified in expires_in.

  • When the token expires, request a new one using the same credentials.

  • Tokens aren't refreshable; generate a new token as needed.