This section explains how to create bearer tokens—by using the Qumulo Core REST API or Web UI—to authenticate Qumulo Core REST API calls.

When you use the Qumulo Core REST API, you begin an authentication session by logging in to a Qumulo cluster. Different REST endpoints require different types of authentication: For example, certain REST API endpoints, such as /v1/version, don’t require any authentication, while the /v1/session/login API endpoint requires a username and a password.

Calling the login API gives you a bearer token (or access token)—a temporary credential that Qumulo Core sends together with subsequent API calls as proof of authentication. A bearer token is valid for 10 hours. After a bearer token expires, you must create a new bearer token.

Creating a Bearer Token

To create a bearer token, you can use the Qumulo Core REST API or Qumulo Core Web UI.

To Create a Bearer Token by Using the REST API

Begin an authentication session by calling the /v1/session/login REST API endpoint and specify the username and password. For example:

curl -k -X POST \
  -H "Content-Type: application/json" \
  -d '{ "username": "Alice", "password": "rbFAYMdtGrwTAV4TR0cZ"}'

The following is example output.

{ "bearer_token": "1:EXAMPLElSnp6MVZvUXhRQUViN2RCYUFVZy9zTElB..." }

To Create a Bearer Token by Using the Qumulo Core Web UI

  1. Log in to the Qumulo Core Web UI.

  2. Click APIs & Tools.

  3. Under Interactive API documentation, enter your username and password and click Apply credentials.

    The Authentication succeeded. message appears.

  4. Expand the Access Tokens section and then the POST /v1/auth/access-tokens/ section.

  5. On the upper-right side, click Try it out, ensure that the Request body is correct, and then click Execute.

    The following is example output.

    { "bearer_token": "1:EXAMPLElSnp6MVZvUXhRQUViN2RCYUFVZy9zTElB..." }

To Use a Bearer Token to Authenticate a Qumulo Core REST API Call

Place the bearer token in your request header. In the following example, the API call lists the nodes in a cluster.

curl -k -X GET \
  -H "Authorization: Bearer 1:EXAMPLElSnp6MVZvUXhRQUViN2RCYUFVZy9zTElB..."

The following is example output.

  "id": 1,
  "node_status": "online",
  "node_name": "my-node-name",
  "uuid": "12345a6b-7c89-0d12-3456-78fe9012f345",
  "label": "a1:23:45:6b:70:80",
  "model_number": "Q0626",
  "capacity_in_bytes": "25605032656896",
  "serial_number": "1234567890",
  "mac_address": "00:00:1a:00:23:bc"