Access and Authentication

Connection

Requests can be made using HTTP requests. The base URL for all available environments is listed below.

Production

https://rp01.hostcontrol.com/api/v1

OTE

https://rp.hostcontrol-ote.com/api/v1

Authentication

Basic Authentication

Note

Authentication via API requests via a bearer token is preferred. Please see OpenID Connect.

Authentication is done by using HTTP Basic authentication. This can be tested using CURL:

curl \
--request <method> \
--user "{{api_username}}:{{api_key}}" \
<url>

OpenID Connect

Resellers that are migrated to the new identity provider are able to authorize their API requests using a bearer token. Using this authentication method requires you to setup a client in the Reseller Area first.

Requesting a Bearer Token

Request
curl \
    --request POST \
    --header "Content-Type: application/x-www-form-urlencoded" \
    --data "client_id=<client_id>&client_secret=<client_secret>&grant_type=client_credentials" \
    <token_endpoint>

Variable

Description

client_id

The Client ID you specified upon creation of the client.

client_secret

The Client Secret which can be found on the client details page after creation.

token_endpoint

The address of the token endpoint which can be found on the client details page.

Response
{
    "access_token":"<access_token>",
    "expires_in":300,
    "refresh_expires_in":1800,
    "refresh_token":"<refresh_token>"
}

Variable

Description

access_token

A valid access token that can be used as a bearer token in API requests.

refresh_token

A token that can be used to retrieve a new access token after it has expired.

expires_in

The amount of time (in seconds) the access token is valid after retrieving it.

refresh_token_exires_in

The amount of time (in seconds) the refresh token is valid.

API Request with Access Token

Once the access token is returned, it can be used as a bearer token. The example below shows how a request can be made.

curl \
    --request <method> \
    --header "Realm: <realm>" \
    --header "Authorization: Bearer <access_token>" \
    <url>

Variable

Description

method

Request method as described below in Requests.

realm

The name of the realm which matches your reseller reference.

access_token

The access token retrieved from Requesting a Bearer Token.

Requests

The REST API lets you interact from anything that can send an HTTP request using HTTP request methods.

Method

Description

GET

Get an object or an array of objects.

POST

Create a new object.

PUT

Update an object.

DELETE

Delete an object.

JSON

All requests and responses are JSON formatted. For POST and PUT requests, the body of each request should be entirely JSON encoded. For details on JSON please visit http://json.org/ for more information.

Date formatting

Please note that the date format used in requests and responses is formatted using ISO-8601. Please see http://en.wikipedia.org/wiki/ISO_8601 for more information. All dates are in UTC.