All Cloud Platform API v2 calls require authentication to work. The information on this page is applicable only for Cloud Platform API version 2.
Important
HMAC authentication is deprecated and will be removed from Cloud Platform API version 2 on July 1, 2020.
To generate an API token for authenticating with the Cloud Platform API v2:
Sign in to the Cloud Platform user interface using your email address and Acquia password.
Click your user avatar in the upper right corner, and then click Account Settings.
On the Profile page, click API Tokens.
Provide a human-readable label for your API token, and click Create Token.
Cloud Platform will generate an API Key and API secret for you.
Record a copy of your API Key and API secret, as you can’t retrieve them after closing your browser tab.
You can remove a token at any time by clicking Remove next to the token you want to remove.
Each Cloud Platform API call authenticates requests with OAuth 2.0 client credentials, and requires the information provided when generating an API token.
https://accounts.acquia.com/api/auth/oauth/token
The Client ID and Secret are exchanged for a bearer access token, which authenticates calls to the Cloud Platform API.
Note
The access token expires in 300 seconds or 5 minutes after you generate it. Therefore, you must regenerate it before the expiry.
Note
Run composer require league/oauth2-client
, and then download an
example authentication script
.
If your organization uses Single Sign-On (SSO), you must use OAuth 2.0 and
request the organization:uuid
scope while generating the API token.
The uuid
is the UUID of the organization’s resources for which you want
access.
Here is the example curl request:
curl \
--data-urlencode 'client_id=API TOKEN KEY HERE' \
--data-urlencode 'client_secret=API TOKEN SECRET HERE' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=organization:23NNe327-NAAA-11e3-NNNN-1231NNNNa02c' \
-X POST \
'https://accounts.acquia.com/api/auth/oauth/token'