Skip to main content
Druva Documentation

Create and Manage API Credentials

Overview

Third-party applications and tools can access Druva REST APIs only if the third-party applications and tools are successfully authenticated using API credentials. The API credential is a combination of the Client ID and Secret Key and is equivalent to that of a user name and password.

As a Druva Cloud Administrator, you can create and manage API credentials from the Druva Cloud Platform Console. As a Druva Cloud administrator, you can also provide these API credentials to the developers within your organization to integrate various applications, tools, services, scripts with Druva products. 

This article provides instructions to create and manage API credentials. 

 Only Druva Cloud administrators can create and manage API credentials. 

Manage API Credentials

  1. Click the Druva logo Druva_Icon.png > Druva Cloud Settings.

    GBar2.png
  2. On the Settings page, click API Credentials. 

You see the following page when you access the API Credentials

APISettingsPage.png

You can perform the following actions over the API Credentials page

Create new credentials 

On the API Credentials page, perform the following steps to create new credentials: 

  1. Click New Credentials. The New Credentials window appears. 
  2. Provide a name for the credential. 

    For ease of recognizing the credential name, it is recommended to name the credential so that it matches the name of the application or tool that you intend to integrate with Druva products. 

     

     

  3. To apply network restrictions, perform the steps provided in Apply network restrictions
  4. To apply authorization restrictions, perform the steps provided in Apply authorization restrictions.
  5. Click Save. The Credential Details window appears.
  6. Click the NewCopyButton.png icon to copy the auto-generated Client ID and Secret Key to the clipboard.

    Client ID and Secret Key are equivalent to user name and password. One can access all the Druva APIs and in turn, access your data stored within Druva products. Client ID and Secret Key must not be shared with unauthorized sources.

    • Secret Key is required to authenticate third-party applications to generate the access token.
    • You need to generate a new Secret Key for the associated credential if you do not copy the Secret Key as per step 3.
    • API usage and activities can be tracked through audit trails. The audit trails display the API credential details, target APIs, and user details along with the time of usage. 
  7. Refer API integration workflow, to learn more about the workflow.

Apply network restrictions

With the Network Restriction feature, you have an option to secure the usage of API credentials and access to your data via APIs. The Network Restriction feature restricts the API usage from a particular IP address or a range of IP addresses.

On the API Credentials page, perform the following steps to apply network restrictions: 

  1. Click on the credential name for which you intend to apply network restrictions. 
  2. Click Edit. The Edit Credentials window appears.
  3. Select Enable Restrictions checkbox.
  4. In the IPs box, type the public IPs of your corporate network.
    You can specify the IP addresses in the following formats.
IP Address Example
Single IP address
192.0.2.123
Range of IP address, separated by a hyphen (-).
192.0.2.1 - 192.0.3.254
Multiple ranges of IP address, separated by comma (,).
192.0.2.1 - 192.0.3.254, 192.0.7.1,
192.100.0.1 - 192.100.0.254

Apply authorization restrictions

With the Authorization Restriction feature, you have an option to apply role-based restrictions to API credential authorization.

As a result, administrators configuring applications with these API Credentials can only view the information based on the role assigned to these API Credentials. 

On the API Credentials page, perform the following steps to apply the restriction to API credential authorization across Druva inSync and Phoenix.​​​​

  1. Click on the credential name for which you intend to apply network restrictions. 
  2. Click Edit. The Edit Credentials window appears.
  3. Select Druva Cloud Administrator, if you want only Druva Cloud administrators to authorize the API credentials.
  4. Select Product Administrator to choose the applicable product administrator from Druva inSync and Phoenix.
  5. Click Save.

Generate new secret key

In case the Secret Key is lost, stolen, or you failed to copy at the time of generating New Credential, you must generate a new Secret Key.  

  • If you generate a new Secret Key for the API credential which is currently in use, all the active tokens associated with the old Secret Key along with the old Secret Key will be revoked.
  • Any subsequent call request for authentication using the old Secret Key will not authenticate and will receive an unauthorized exception as a response.   Integrations using the old API credentials will start failing unless they are updated with the new Secret Key.

On the API Credentials page, perform the following steps to generate new Secret Key:

  1. Click on the credential name for which you intend to generate a new secret key. 
  2. Click more options MoreOptionsButton.png button and select Generate New Secret Key
  3. On the confirmation window, click Continue to generate new Secret Key.
  4. Click NewCopyButton.png icon to copy the auto-generated Client ID and Secret Key to the clipboard.

Rename existing credentials

 On the API Credentials page, perform the following steps to rename existing credentials: 

  1. Click on the credential name which you intend to rename.
  2. Click the Edit button. The Edit Credentials window appears. 
  3. Type a new name for the selected credential.
  4. Click Save

Delete existing credentials

Deleting the credential will result in immediate termination of all the active tokens made through that credential. All subsequent calls using this credential will receive an unauthorized exception as the response. 

On the API Credentials page, perform the following steps to delete credentials: 

  1. Click on the credential name which you intend to delete. 
  2. Click more options MoreOptionsButton.png button and select Delete Credential
  3. On the confirmation window, click Delete to delete the credential. 

 

  • Was this article helpful?