Access and Authentication


Requests can be made using HTTP requests. The base URL for all available environments is listed below.



Basic Authentication


Authentication via API requests via a bearer token is preferred. Please see OpenID Connect.

Authentication is done by using HTTP Basic authentication. This can be tested using CURL:

curl \
--request <method> \
--user "{{api_username}}:{{api_key}}" \

OpenID Connect

Resellers that are migrated to the new identity provider are able to authorize their API requests using a bearer token. Using this authentication method requires you to setup a client in the Reseller Area first.

Requesting a Bearer Token

curl \
    --request POST \
    --header "Content-Type: application/x-www-form-urlencoded" \
    --data "client_id=<client_id>&client_secret=<client_secret>&grant_type=client_credentials" \
Variable Description
client_id The Client ID you specified upon creation of the client.
client_secret The Client Secret which can be found on the client details page after creation.
token_endpoint The address of the token endpoint which can be found on the client details page.
Variable Description
access_token A valid access token that can be used as a bearer token in API requests.
refresh_token A token that can be used to retrieve a new access token after it has expired.
expires_in The amount of time (in seconds) the access token is valid after retrieving it.
refresh_token_exires_in The amount of time (in seconds) the refresh token is valid.

API Request with Access Token

Once the access token is returned, it can be used as a bearer token. The example below shows how a request can be made.

curl \
    --request <method> \
    --header "Realm: <realm>" \
    --header "Authorization: Bearer <access_token>" \
Variable Description
method Request method as described below in Requests.
realm The name of the realm which matches your reseller reference.
access_token The access token retrieved from Requesting a Bearer Token.


The REST API lets you interact from anything that can send an HTTP request using HTTP request methods.

Method Description
GET Get an object or an array of objects.
POST Create a new object.
PUT Update an object.
DELETE Delete an object.


All requests and responses are JSON formatted. For POST and PUT requests, the body of each request should be entirely JSON encoded. For details on JSON please visit for more information.

Date formatting

Please note that the date format used in requests and responses is formatted using ISO-8601. Please see for more information. All dates are in UTC.