Druva offers REST APIs to use our products more efficiently by integrating them with third-party software applications and services that are used within your organization. REST APIs offered by Druva can be used to automate certain workflows and could also be used to get information from Druva products and feed into another tool or application to build reports, run analytics, and perform actionable functions from it.
The API integration process involves creating the API credentials from Druva Cloud Platform Console and using these credentials to authenticate the third-party applications. API credentials required for authentication can be managed from Druva Cloud Platform Console for all the Druva products.
As a Druva Cloud Administrator, you can create and manage API credentials from the Druva Cloud Platform Console.
Detailed information is available at the Developer’s Documentation Portal -https://developer.druva.com.
API Integration Workflow
The following steps are involved to authenticate third-party applications and services to access Druva REST APIs:
- Generate Client ID and Secret Key from the Druva Cloud Platform Console. For more information, see Create and Manage API Credentials.
- Druva supports OAuth 2.0 Client Credentials Grant Type.
- The Client ID and Secret Key have access to all the Scopes by default. Currently, Druva does not support any specific scopes.
- Authenticate the third-party application using the Client ID and Secret Key through OAuth 2.0 with Grant Type set to Client Credentials. For more information, see Authentication.
- A successful authentication generates an access token that is valid as follows:
For inSync and Druva Phoenix Public Cloud: 30 minutes
For Druva Phoenix Gov Cloud: 30 minutes
For inSync Gov Cloud: 15 minutes
- Every API call which is made to Druva APIs requires a valid access token.
- Upon successful authentication, Druva Cloud Platform Console provides the necessary information from applicable products, based on the nature of the API.
Security and authentication
Druva supports OAuth 2.0 protocol of authentication and authorizations. OAuth is an open protocol for token-based authentication and authorization on the internet. For more information on OAuth 2.0, see the OAuth website.