Our API, and therefore all tools that use it such as the CLI and Brightbox Manager, supports a few different types of authentication.
When you sign up with Brightbox, a user is created for you with your email address and the password you chose. These are your user credentials and you can login with them directly. e.g:
If you enable two-factor authentication for your user, you are then required to enter a two-factor code generated by your authentication application each time you authenticate with your user credentials.
There are two main ways of providing your two-factor code. Anywere that natively supports two-factor authentication, you’ll be prompted for a code after entering your user credentials.
If the tool doesn’t natively support two-factor authentication, then you can
provide your two-factor code by tagging it on the end of your password separated
You can also authenticate as your user with your email address and a temporary access token instead of your password.
Temporary access tokens are obtained after authenticating with your user credentials elsewhere. So, for example, you could log in to Brightbox Manager with two-factor authentication, obtain a temporary access token and then use that token with a tool that does not support two-factor authentication.
Temporary access tokens last until their expiry time, which is usually two hours from issue. After which time, a new token needs to be obtained.
An API Client is a set of credentials composed of
a client identifier (like
cli-xxxxx) and a randomly generated secret.
They’re useful for authenticating automated tools and applications that need to use Brightbox services.
API Clients are associated with Accounts, so once authenticated with a given API Client you can manage the services on that Account.
API Clients can also be configured with less privileges, such as for access to Orbit containers only.
Last updated: 13 Sep 2018 at 11:16 UTC