Skip to main content
Integration with Druva MSP APIs
Updated over 10 months ago

Overview

Druva offers MSP REST APIs to use our products more efficiently by integrating them with third-party software applications and services that are used within your organization. REST APIs offered by Druva can be used to automate certain workflows and could also be used to get information from Druva products and feed into another tool or application to build reports, run analytics, and perform actionable functions from it.

The API integration process involves creating the API credentials from Managed Services Center (MSC) portal and using these credentials to authenticate the third-party applications. API credentials required for authentication can be managed from MSC portal.

As a MSP administrator, you can create and manage API credentials from the MSC portal.

Detailed information is available at the Developer’s Documentation Portal - https://developer.druva.com.

API Integration Workflow

The following steps are involved to authenticate third-party applications and services to access Druva MSP REST APIs:

  1. Generate Client ID and Secret Key from the MSC portal. For more information, see Create and Manage API Credentials.


    ❗ Important

    • Druva supports OAuth 2.0 Client Credentials Grant Type.

    • The Client ID and Secret Key have access to all the Scopes by default. Currently, Druva does not support any specific scopes.


  2. Authenticate the third-party application using the Client ID and Secret Key through OAuth 2.0 with Grant Type set to Client Credentials. For more information, see Authentication.

  3. A successful authentication generates an access token that is valid for 15 minutes.

  4. Every API call which is made to Druva MSP APIs requires a valid access token.

  5. Upon successful authentication, MSC portal provides the necessary information from applicable products, based on the nature of the API.

Security and authentication

Druva supports OAuth 2.0 protocol of authentication and authorizations. OAuth is an open protocol for token-based authentication and authorization on the internet. For more information on OAuth 2.0, see the OAuth website.

Create and Manage API Credentials

Third-party applications and tools can access Druva REST APIs only if the third-party applications and tools are successfully authenticated using API credentials. The API credential is a combination of the Client ID and Secret Key and is equivalent to that of a user name and password.

As a MSP administrator, you can create and manage API credentials from the MSP portal. As a MSP administrator, you can also provide these API credentials to the developers within your organization to integrate various applications, tools, services, scripts with Druva.

This article provides instructions to create and manage API credentials.


❗ Important

Only MSP administrators can create and manage API credentials.


Manage API Credentials

  1. On the main menu of the MSC portal, click the Settings icon. The Settings page appears.

  2. On the Settings page, click API Credentials.

You see the following page when you access the API Credentials.

MSP_API_Credentials.png

You can perform the following actions over the API Credentials page :

Create new credentials

On the API Credentials page, perform the following steps to create new credentials:

  1. Click New Credentials. The New Credentials window appears.

  2. Provide a name for the credential.


    💡 Tip

    For ease of recognizing the credential name, it is recommended to name the credential so that it matches the name of the application or tool that you intend to integrate with Druva products.


  3. Click Save. The Credential Details window appears.

  4. Click the Newcopy icon to copy the auto-generated Client ID and Secret Key to the clipboard.


    ⚠️ Warning

    Client ID and Secret Key are equivalent to user name and password. One can access all the Druva MSP APIs and in turn, access your data stored within Druva products. Client ID and Secret Key must not be shared with unauthorized sources.



    ❗ Important

    • Secret Key is required to authenticate third-party applications to generate the access token.

    • You need to generate a new Secret Key for the associated credential if you do not copy the Secret Key as per step 4.

    • API usage and activities can be tracked through audit trails. The audit trails display the API credential details, target APIs, and user details along with the time of usage.


  5. Refer API integration workflow, to learn more about the workflow.

Generate new secret key

In case the Secret Key is lost, stolen, or you failed to copy at the time of generating New Credential, you must generate a new Secret Key.


❗ Important

  • If you generate a new Secret Key for the API credential which is currently in use, all the active tokens associated with the old Secret Key along with the old Secret Key will be revoked.

  • Any subsequent call request for authentication using the old Secret Key will not authenticate and will receive an unauthorized exception as a response. Integrations using the old API credentials will start failing unless they are updated with the new Secret Key.


On the API Credentials page, perform the following steps to generate new Secret Key:

  1. Click on the credential name for which you intend to generate a new secret key.

  2. Click more options Moreoptions button and select Generate New Secret Key.

  3. On the confirmation window, click Continue to generate new Secret Key.

  4. Click Newcopy icon to copy the auto-generated Client ID and Secret Key to the clipboard.

Rename existing credentials

On the API Credentials page, perform the following steps to rename existing credentials:

  1. Click on the credential name which you intend to rename.

  2. Click the Edit button. The Edit Credentials window appears.

  3. Type a new name for the selected credential.

  4. Click Save.

Delete existing credentials


❗ Important

Deleting the credential will result in immediate termination of all the active tokens made through that credential. All subsequent calls using this credential will receive an unauthorized exception as the response.


On the API Credentials page, perform the following steps to delete credentials:

  1. Click on the credential name which you intend to delete.

  2. Click more options Moreoptions button and select Delete Credential.

  3. On the confirmation window, click Delete to delete the credential.

Create API access token for your customer

You can utilize the access token generated from MSP admin API credentials to generate customer specific access tokens and leverage the customer APIs without generating separate credentials for every customer. This enables you to automate tasks related to each customer and keep track of the activities.

Generate access token for customers

You must have the MSP API Credentials, which is a combination of Client ID and Secret Key, for the application or tool which you intend to integrate with the Druva products.

Procedure:

  1. Create MSP API credentials from Druva Managed Services Center (MSC).

  2. Authenticate the third-party application using the Client ID and Secret Key through OAuth 2.0 with Grant Type set to Client Credentials. For more information, see Authentication.

  3. Get the customer global ID (GCID) by using the List all customers API.

  4. Use the Generate API access token for a customer API to generate an access token for the respective customer.

  5. Use this access token to use the respective customer APIs.

Did this answer your question?