Contents

Authentication

Our API, and therefore all tools that use it such as the CLI and Brightbox Manager, supports a few different types of authentication.

User authentication

When you sign up with Brightbox, a user is created for you with your email address and the password you chose. These are your user credentials and you can login with them directly. e.g:

username: chloe@example.com
password: mypassword

Two-factor user authentication

If you enable two-factor authentication for your user, you are then required to enter a two-factor code generated by your authentication application each time you authenticate with your user credentials.

There are two main ways of providing your two-factor code. Anywere that natively supports two-factor authentication, you’ll be prompted for a code after entering your user credentials.

username: chloe@example.com
password: mypassword
code: 123456

If the tool doesn’t natively support two-factor authentication, then you can provide your two-factor code by tagging it on the end of your password separated by a + character.

username: chloe@example.com
password: mypassword+123456

Temporary access token user authentication

You can also authenticate as your user with your email address and a temporary access token instead of your password.

username: chloe@example.com
password: eac7358dd0887b83294b9080e1d5c348

Temporary access tokens are obtained after authenticating with your user credentials elsewhere. So, for example, you could log in to Brightbox Manager with two-factor authentication, obtain a temporary access token and then use that token with a tool that does not support two-factor authentication.

Temporary access tokens last until their expiry time, which is usually two hours from issue. After which time, a new token needs to be obtained.

API Client authentication

An API Client is a set of credentials composed of a client identifier (like cli-xxxxx) and a randomly generated secret.

They’re useful for authenticating automated tools and applications that need to use Brightbox services.

API Clients are associated with Accounts, so once authenticated with a given API Client you can manage the services on that Account.

API Clients can also be configured with less privileges, such as for access to Orbit containers only.

You can create and manage API Clients using the Brightbox Manager, and of course via the API itself.

Last updated: 13 Sep 2018 at 11:16 UTC

Try Brightbox risk-free with £20 free credit Sign up takes just two minutes...