<!DOCTYPE html> <html lang="en"> <head> <!-- Google Tag Manager --> <script> dataLayer = []; </script> <script type="text/javascript" data-cookiecategory="marketing"> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-WPJ6JDM'); </script> <!-- End Google Tag Manager --> <!-- Segment --> <script type="text/javascript" data-cookiecategory="analytics"> const cookie = document.cookie .split("; ") .find((row) => row.startsWith("cc_cookie=")) ?.split("=")[1]; var consent = {}; try { consent = JSON.parse(cookie); } catch (error) {} function hasConsent(level) { return typeof consent != "undefined" && consent.hasOwnProperty('level') && consent.level.includes(level); } let integrations = { All: false, 'Amplitude (Actions)': false, 'Segment.io': true, 'Google Analytics': false, 'Google Ads (Gtag)': false, 'Linkedin Insight Tag': false }; if(hasConsent('analytics')) { integrations['Segment.io'] = true; integrations['Amplitude (Actions)'] = true; integrations['Google Analytics'] = true; } if(hasConsent('marketing')) { integrations['Segment.io'] = true; integrations['Google Ads (Gtag)'] = true; integrations['Linkedin Insight Tag'] = true; } !function(){function p(){var c=document.querySelector("link[rel='canonical']");return{__t:"bpc",c:c&&c.getAttribute("href")||void 0,p:location.pathname,u:location.href,s:location.search,t:document.title,r:document.referrer}}var analytics=window.analytics=window.analytics||[];if(!analytics.initialize)if(analytics.invoked)window.console&&console.error&&console.error("Segment snippet included twice.");else{analytics.invoked=!0;analytics.methods=["trackSubmit","trackClick","trackLink","trackForm","pageview","identify","reset","group","track","ready","alias","debug","page","screen","once","off","on","addSourceMiddleware","addIntegrationMiddleware","setAnonymousId","addDestinationMiddleware","register"];analytics.factory=function(e){return function(){if(window.analytics.initialized)return window.analytics[e].apply(window.analytics,arguments);var n=Array.prototype.slice.call(arguments);["track","screen","alias","group","page","identify"].indexOf(e)>-1&&n.push(p());n.unshift(e);analytics.push(n);return analytics}};for(var n=0;n<analytics.methods.length;n++){var key=analytics.methods[n];analytics[key]=analytics.factory(key)}analytics.load=function(key,n){var t=document.createElement("script");t.type="text/javascript";t.async=!0;t.src="https://evs.nuage01.scaleway.com/analytics.js/v1/" + key + "/analytics.min.js";var i=document.getElementsByTagName("script")[0];i.parentNode.insertBefore(t,i);analytics._loadOptions=n};analytics._writeKey="2BCXA70PYDwGXcGg7iv5fDqpzLn0nNs0";;analytics.SNIPPET_VERSION="5.0.1"; analytics.load("2BCXA70PYDwGXcGg7iv5fDqpzLn0nNs0", { integrations: integrations }); }}(); analytics.ready(function() { if(hasConsent('analytics')) { analytics.page('','',{product_category: 'Dedibox', page_type: 'Dedibox Console'}); } }); </script> <!-- End Segment --> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title> API - Documentation - Online / Dedibox - Console</title> <link rel="stylesheet" href="/bundles/onlineconsole/css/fonts.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/bootstrap-online.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/bootstrap-responsive.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/style.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/typeahead.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/menusearch.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/iconline.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/online-domaine-order.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/select2.min.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/select-slider.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="stylesheet" href="/bundles/onlineconsole/css/cookieconsent.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "> <link rel="stylesheet" href="/bundles/onlineconsole/css/vue-loading-bar.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "/> <link rel="stylesheet" href="/bundles/onlineconsole/css/online-menusearch.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "/> <link rel="stylesheet" href="/bundles/onlineconsole/css/support.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "/> <link rel="shortcut icon" href="/bundles/onlineconsole/images/favicon-16x16.png?5dddec4d3155e8914ea8c24ac96926249eb362c9 " /> <link rel="apple-touch-icon" href="/bundles/onlineconsole/images/apple-touch-icon.png?5dddec4d3155e8914ea8c24ac96926249eb362c9 " sizes="180x180" /> <link rel="icon" type="image/png" href="/bundles/onlineconsole/images/favicon-16x16.png?5dddec4d3155e8914ea8c24ac96926249eb362c9 " sizes="16x16" /> <link rel="icon" type="image/png" href="/bundles/onlineconsole/images/favicon-32x32.png?5dddec4d3155e8914ea8c24ac96926249eb362c9 " sizes="32x32" /> <link rel="mask-icon" href="/img/favicon/safari-pinned-tab.svg" color="#4f0599"> <meta name="msapplication-TileColor" content="#2d89ef"> <meta name="theme-color" content="#ffffff"> <script src="/bundles/onlineconsole/js/jquery.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/select2.full.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 " defer></script> <script src="/bundles/onlineconsole/js/i18n/en.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/i18n/fr.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/online-select2.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/polyfill/number-to-locale-string.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/polyfill/promise-polyfill.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/polyfill/fetch.umd.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/autocomplete.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/tetranzselect2entity/js/select2entity.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <!--[if IE]> <script type="text/javascript" src="/bundles/onlineconsole/js/online-ie-fixes.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <![endif]--> <script type="text/javascript" src="/bundles/onlineconsole/js/bootstrap.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script type="text/javascript" src="/bundles/onlineconsole/js/bootstrap-dropdown.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script type="text/javascript" src="/bundles/onlineconsole/js/bootstrap-tooltip.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/online-global.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/fosjsrouting/js/router.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/js/fos_js_routes.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/tools/price-module.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/online-select-slider.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.8/styles/default.min.css"> <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.8/highlight.min.js"></script> <script type="text/javascript" src="/bundles/onlineleswag/js/swagger-ui-bundle.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script type="text/javascript" src="/bundles/onlineleswag/js/leswag.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <link rel="stylesheet" href="/bundles/onlineleswag/css/swagger-ui.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "> <link rel="stylesheet" href="/bundles/onlineleswag/css/leswag.css?5dddec4d3155e8914ea8c24ac96926249eb362c9 "> <script>hljs.initHighlightingOnLoad();</script> <script type="text/javascript"> $(document).ready(function() { $('.api_call_example_link').click(function() { var api_call_example_id = $(this).attr('data-example-id'); $('#' + api_call_example_id).slideToggle(); }); $('#examples_language_selector').change(function (e) { $('#api_code_samples').children('div').hide(); $('#leswag_code_sample_' + this.value).show(); }); }); </script> </head> <body class="online" role="document"> <div class="container front"> <div class="pull-left header small_ypadding no_xpadding small_ymargin topmenuphone" id="logonline"> <a href="/en/account/home" class="pull-left no-underline logo-online"> <img src="/bundles/onlineconsole/images/Logo-scw-dedibox-purple.svg?5dddec4d3155e8914ea8c24ac96926249eb362c9 " alt="Scaleway Dedibox" width="163"> <span>Online.net</span> </a> </div> </li> </ul> <div class="clear-right"></div> <ul class="nav nav-pills pull-right no_margin" id="nologmenu"> <li class="visible-phone langmenuphone"> English - <a href="/fr/api/" class="langmenuphone">Français</a> </li> <li class="dropdown hidden-phone" data-dropdown="dropdown"><a class="dropdown-toggle" data-toggle="dropdown"> English <b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="/fr/api/">Français</a></li> </ul> </li> <li ><a href="/en/user/subscribe">Subscribe</a></li> <li ><a href="/en/login">Sign in</a></li> </ul> <div class="clear-right "></div> <ul class="nav navphone nav-pills pull-right no_margin" id="headmenu" role="navigation"> <li class="pinkbloc dropdown" data-dropdown="dropdown"> <a href="/en/order/server" class="dropdown-toggle" data-toggle="dropdown"><i>Order</i> <b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="/en/order/domain/create">Domain name</a></li> <li class="divider"></li> <li><a href="/en/order/mut/create">Hosting</a></li> <li class="divider"></li> <li><a href="/en/order/server">Server</a></li> <li class="divider"></li> <li><a href="/en/order/housing">Housing</a></li> </ul> </li> <li class="active" ><a href="/en/api/">API</a></li> <li ><a title="Prendre contact" href="/en/assistance/commercial">Support</a></li> <li><a rel="external" title="Online's Webmail" href="http://webmail.online.net/">Webmail</a></li> </ul> <div class="clear hidden-phone" id="headend"></div> <div class="clear visible-phone" id="headend"></div> <h1 class="highlight">API</h1> <div class="clear"></div> <div class="content"> <div class="main_content"> <h2 class="page-header firsttitle">Documentation</h2> <div id="api_introduction" class="api_doc"> <h2 class="page-header">Overview</h2> <p>Online by Scaleway exposes a public REST API for some operations. The base URL for all calls is <strong>https://api.online.net/api/v1</strong>.</p> <p>To use this API, users can authenticate using their <a href="/en/api/access">private API token</a>, or with applications that support OAuth2’s three-legged authentication.</p> </div> </div> <div class="span12"> <div class="tabbable"> <ul class="nav nav-tabs"> <li class="active"><a href="#api_base_documentation" data-toggle="tab">API methods</a></li> <li><a href="#api_examples" data-toggle="tab">Examples</a></li> <li><a href="#api_authentication" data-toggle="tab">Authentication</a></li> <li><a href="#api_error_codes" data-toggle="tab">Error codes</a></li> </ul> <div class="tab-content"> <div id="api_base_documentation" class="tab-pane active"> <div class="api_doc"> <h2 class="page-header">Implementation details</h2> <ul> <li>Methods are grouped by namespaces (e.g. "server", "user").</li> <li>Supported HTTP verbs are GET, POST, PUT, and DELETE.</li> <li>Unless specified otherwise in the method's documentation, all successful API calls return an HTTP code 200 with a JSON object.</li> <li>Errors are returned with an HTTP code 4XX (such as 400 or 403), a JSON object with properties "error" (an error message) and "code" (optional, an integer).</li> <li>The API sends ETag headers and supports the <i>If-None-Match</i> header.</li> <li>Dates are formatted according to the Javascript method <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toJSON">date.toJSON</a>.</li> <li>Unless specified otherwise, all API methods require authentication.</li> <li>For debug purposes only, you can get a pretty-printed JSON object by sending the header <i>X-Pretty-JSON: 1</i>.</li> </ul> </div> <div id="api_methods" class="api_doc"> <h2 class="page-header">API methods</h2> <div id="swagger-container"></div> <script> SwaggerUIBundle({ dom_id: '#swagger-container', url: '//console.online.net/en/api/swagger.json', plugins: [DisableTryItOutPlugin, WrapOperationSummaryComponentPlugin], defaultModelsExpandDepth: 0, docExpansion: 0, tagsSorter: 'alpha', operationsSorter: 'alpha' }) </script> </div> </div> <div id="api_examples" class="api_doc tab-pane"> <div class="api_doc"> <h2 class="page-header">Example calls</h2> <p>Here are some example calls, using <a href="http://curl.haxx.se/">cURL</a>:</p> <h4>Getting the current user&#039;s profile:</h4> <p><a class="btn api_call_example_link" data-example-id="api_call_example_0">Show/hide example</a></p> <div class="hide api_call_example" id="api_call_example_0"> <pre class="api_call">curl -X GET -H "Authorization: Bearer your_api_token" "https://api.online.net/api/v1/<strong>user</strong>"</pre> <pre class="api_result">HTTP/1.1 200 OK Content-Type: application/json etag: b6fa8159e3fb79b2a86aa8302889c58b4d055561 date: Fri, 12 Jul 2013 12:34:56 GMT {"id":99999,"login":"SuperDupont1789","email":"superdupont1789@free.fr","first_name":"Super","last_name":"Dupont","company":"L'anti-AntiFrance"}</pre> </div> <h4>Getting a list of available rescue images for a server:</h4> <p><a class="btn api_call_example_link" data-example-id="api_call_example_1">Show/hide example</a></p> <div class="hide api_call_example" id="api_call_example_1"> <pre class="api_call">curl -X GET -H "Authorization: Bearer your_api_token" "https://api.online.net/api/v1/<strong>server/rescue_images/88888</strong>"</pre> <pre class="api_result">HTTP/1.1 200 OK Content-Type: application/json etag: 3de059c70fd2df09dc89b6867cc994a548dc4d1b date: Fri, 12 Jul 2013 12:45:43 GMT ["ubuntu-12.04_amd64","ubuntu-10.04_i386","winpe-3.0_amd64","winpe-3.0_i386"]</pre> </div> </div> <div id="api_code_samples" class="api_doc"> <h2 class="page-header">Code samples</h2> <p>Here are some code samples to show diverse uses of our API:</p> <form> <select id="examples_language_selector" class="leswag_code_sample_language_select"> <option value="" selected="selected">--</option> <option value="php">php</option> <option value="python_slumber">python</option> </select> </form> <div class="leswag_code_sample_placeholder"></div> <div class="hide" id="leswag_code_sample_php"> <pre><code class="php">&lt;?php // note: error handling is left as an exercise for the reader function call_online_api($token, $http_method, $endpoint, $get = array(), $post = array()) { if (!empty($get)) { $endpoint .= '?' . http_build_query($get); } $call = curl_init(); curl_setopt($call, CURLOPT_URL, 'https://api.online.net/api/v1' . $endpoint); curl_setopt($call, CURLOPT_HTTPHEADER, array('Authorization: Bearer ' . $token, 'X-Pretty-JSON: 1')); curl_setopt($call, CURLOPT_RETURNTRANSFER, true); if ($http_method == 'POST') { curl_setopt($call, CURLOPT_POST, true); curl_setopt($call, CURLOPT_POSTFIELDS, http_build_query($post)); } return curl_exec($call); } $token = YOUR_API_TOKEN; $user_info = call_online_api($token, 'GET', '/user'); echo $user_info; $failovers = call_online_api($token, 'GET', '/server/failover'); echo $failovers; // edit a failover IP $post = array( 'source' => '10.0.0.42', 'destination' => '10.0.0.1', ); $move_failover = call_online_api($token, 'POST', '/server/failover/edit', null, $post); var_export($move_failover);</code></pre> </div> <div class="hide" id="leswag_code_sample_python_slumber"> <p>Using <a href="https://github.com/dstufft/slumber">slumber</a>:</p> <pre><code class="python">import slumber, requests api_session = requests.session() api_session.headers['Authorization'] = 'Bearer YOUR_API_TOKEN' api = slumber.API('https://api.online.net/api/v1', session=api_session) user_info = api.user.info.get() print user_info failovers = api.server.failover.get() print failovers # edit a failover IP move_failover = api.server.failover.edit.post({ 'source': '10.0.0.42', 'destination': '10.0.0.1' }) print move_failover</code></pre> </div> </div> </div> <div id="api_authentication" class="tab-pane"> <div class="api_doc"> <h2 class="page-header">Authentication</h2> <p>Calls that require authentication expect an HTTP header <i>Authorization</i> bearing a token, using the following format:</p> <pre>Authorization: Bearer <strong>your_api_token</strong></pre> <p>This token can either be your private API token, or a token obtained using OAuth2's three-legged authentication.</p> </div> <div class="api_doc"> <h2 class="page-header">Authentication for applications</h2> <p>First, you must <a href="/en/api/apps">create an app</a>.</p> <p>Once you have created an app, you are provided a <b>client_id</b> and <b>client_secret</b> that you will use for the authentication process.</p> </div> <div class="api_doc"> <h3>Which authentication process should you use?</h3> <ul> <li>If your application is a website: <a href="#three_legged">three-legged OAuth2</a>.</li> <li>If your application is a mobile app: <a href="#device_auth">OAuth2 for devices</a>.</li> <li>If your application is an opensource app or a script: <a href="#device_auth_no_secret">OAuth2 for opensource apps</a>.</li> </ul> </div> <div class="api_doc" id="three_legged"> <h3>Workflow for websites or client applications</h3> <p>This authentication process uses three-legged OAuth2.</p> <p>The following URLs are used in this process:</p> <ul> <li><b>authorize</b> endpoint: <i>/oauth/v2/auth</i></li> <li><b>token</b> endpoint: <i>/oauth/v2/token</i></li> </ul> <p><i>Note: if your application is not a website, you will have to make the user do these steps in a web view (e.g. UIWebView on iOS, WebView on Android…).</i></p> <h4>Full workflow</h4> <ol> <li> <p>Your application redirects the user to Online.net's <b>authorize</b> endpoint, with the following query string parameters:</p> <ul> <li><code>client_id</code>: your app's client_id</li> <li><code>redirect_uri</code>: one of your application's redirect URLs</li> <li><code>response_type</code>: use the value "code"</li> <li><code>state</code>: an arbitrary string that will be returned to your application, to help you check against CSRF</li> </ul> <h5>Example URL for authorization:</h5> <pre>https://console.online.net/oauth/v2/auth?<b>client_id</b>=42_424242&amp;<b>redirect_uri</b>=https://your-app.tld/online_api&amp;<b>response_type</b>=code&amp;<b>state</b>=yeahponies</pre> </li> <li> <p>The user chooses to authorize your application.</p> </li> <li> <p>The user gets redirected to the URL you specified using the parameter <i>redirect_uri</i>, with the following query string parameters:</p> <ul> <li><code>code</code>: the code that you will use to get a token</li> <li><code>state</code>: the same value that you sent earlier</li> </ul> </li> <li> <p>Using the value of <i>code</i>, your application makes a direct POST request (not in the user's browser) to the <b>token</b> endpoint, with the following parameters:</p> <ul> <li><code>client_id</code></li> <li><code>client_secret</code></li> <li><code>code</code>: the value that you received earlier</li> <li><code>redirect_uri</code>: one of your application's redirect URLs</li> <li><code>grant_type</code>: use the value "authorization_code"</li> </ul> <h5>Example cURL call to obtain an access token:</h5> <pre>curl -X POST "https://console.online.net/oauth/v2/token" -d "<b>client_id</b>=42_424242&amp;<b>client_secret</b>=123456&amp;<b>code</b>=986a9e6d90e&amp;<b>redirect_uri</b>=https://your-app.tld/online_api&amp;<b>grant_type</b>=authorization_code"</pre> </li> <li> <p>If everything is correct, the access token is returned as a JSON object with the following properties:</p> <ul> <li><code>access_token</code></li> <li><code>expires_in</code>: token validity period, in seconds</li> <li><code>token_type</code>: "Bearer"</li> </ul> </li> <li> <p>Your application stores the access token and uses it for the user's subsequent visits.</p> </li> </ol> </div> <div class="api_doc" id="device_auth"> <h3>Workflow for mobile apps</h3> <p>This authentication process uses a variant of OAuth2, tailored for mobile devices.</p> <p>The following URLs are used in this process:</p> <ul> <li><b>device</b> endpoint: <i>/oauth/v2/device/code</i></li> <li><b>verification</b> endpoint: <i>/oauth/v2/device/usercode</i></li> <li><b>token</b> endpoint: <i>/oauth/v2/token</i></li> </ul> <p><i>Note: you may have to make the user do some steps in a web view (e.g. UIWebView on iOS, WebView on Android…) if you want to do all these steps from the mobile app.</i></p> <h4>Full workflow</h4> <ol> <li> <p>Your application makes a direct request to the <b>device</b> endpoint, with the query string parameter <i>client_id</i>, and obtains a JSON object with authentication data that will be used for the rest of the process.</p> <h5>Example URL to obtain authentication data:</h5> <pre>https://console.online.net/oauth/v2/device/code?<b>client_id</b>=42_424242</pre> <h5>Example authentication data:</h5> <pre>{ "device_code": "5b7a15a9ae1bc30f903210dcafb6dff4d893a880", "user_code": "fu5rohd4h", "interval": 5, "expires_in": 1800, "verification_url": &quot;https:\/\/console.online.net\/oauth\/v2\/device\/code&quot; }</pre> </li> <li> <p>Your application asks the user to go to the <b>verification</b> endpoint (provided by <i>verification_url</i>) and to type the code provided by <i>user_code</i>.</p> </li> <li> <p>Using the value of <i>device_code</i>, every 5 seconds your application starts making direct POST requests to the <b>token</b> endpoint, with the following parameters:</p> <ul> <li><code>client_id</code></li> <li><code>client_secret</code></li> <li><code>code</code>: the value of <code>device_code</code></li> <li><code>grant_type</code>: use the value "http://oauth.net/grant_type/device/1.0"</li> </ul> <h5>Example cURL call to obtain an access token:</h5> <pre>curl -X POST "https://console.online.net/oauth/v2/token" -d "<b>client_id</b>=123_987654&amp;<b>client_secret</b>=4815162342&amp;<b>code</b>=986a9e6d90e&amp;<b>grant_type</b>=http://oauth.net/grant_type/device/1.0"</pre> <p>Your application will receive an error message until the user has entered the code and authorized the application.</p> </li> <li> <p>The user enters the code, and then logs in if they aren't logged in yet.</p> </li> <li> <p>The user chooses to authorize your application, and can then close the browser window.</p> </li> <li> <p>Your application's call to the <b>token</b> endpoint now returns the access token as a JSON object with the following properties:</p> <ul> <li><code>access_token</code></li> <li><code>expires_in</code>: token validity period, in seconds</li> <li><code>token_type</code>: "Bearer"</li> </ul> </li> <li> <p>Your application stores the access token and uses it for the user's subsequent visits.</p> </li> </ol> </div> <div class="api_doc" id="device_auth_no_secret"> <h3>Workflow for opensource apps</h3> <p>This authentication process is similar to OAuth2 for mobile devices, with the difference that opensource apps or scripts can not be shipped with a <b>client_secret</b> (since it's meant to remain secret).</p> <p>The principle here is to get a new set of client_id and client_secret that are bound to the user. You may reuse these credentials by using <a href="#device_auth">OAuth2 for mobile devices</a>.</p> <p class="alert alert-warning"><strong>Warning:</strong> You should not redistribute the credentials. Usage with another account will display the login of the user who obtained the credentials. E.g. instead of displaying "The most fabulous app" it will display "The most fabulous app (jeanpatrickranu1979)".</p> <p>The following URLs are used in this process:</p> <ul> <li><b>device</b> endpoint: <i>/oauth/v2/device/code</i></li> <li><b>verification</b> endpoint: <i>/oauth/v2/device/usercode</i></li> <li><b>credentials</b> endpoint: <i>/oauth/v2/device/credentials</i></li> <li><b>token</b> endpoint: <i>/oauth/v2/token</i></li> </ul> <h4>Full workflow</h4> <ol> <li> <p>Your application makes a direct request to the <b>device</b> endpoint, with the query string parameters <i>client_id</i> and <i>new_credentials</i>=yes, and obtains a JSON object with authentication data that will be used for the rest of the process.</p> <h5>Example URL to obtain authentication data:</h5> <pre>https://console.online.net/oauth/v2/device/code?<b>client_id</b>=42_424242&amp;<b>new_credentials</b>=yes</pre> <h5>Example authentication data:</h5> <pre>{ "device_code": "5b7a15a9ae1bc30f903210dcafb6dff4d893a880", "user_code": "fu5rohd4h", "interval": 5, "expires_in": 1800, "verification_url": &quot;https:\/\/console.online.net\/oauth\/v2\/device\/code&quot; }</pre> </li> <li> <p>Your application asks the user to go to the <b>verification</b> endpoint (provided by <i>verification_url</i>) and to type the code provided by <i>user_code</i>.</p> </li> <li> <p>Using the value of <i>device_code</i>, every 5 seconds your application starts making direct requests to the <b>credentials</b> endpoint, with the following query string parameters:</p> <ul> <li><code>client_id</code></li> <li><code>code</code>: the value of <code>device_code</code></li> </ul> <p>Your application will receive an error message until the user has entered the code and authorized the application.</p> </li> <li> <p>The user enters the code, and then logs in if they aren't logged in yet.</p> </li> <li> <p>The user chooses to authorize your application, and can then close the browser window.</p> </li> <li> <p>Your application's call to the <b>credentials</b> endpoint now returns a JSON object with the following properties:</p> <ul> <li><code>client_id</code>: a new client_id that is bound to the user</li> <li><code>client_secret</code></li> </ul> <p>Your application stores these values and will use them for later requests.</p> </li> <li> <p>Using the value of <i>device_code</i>, your application makes a direct POST request to the <b>token</b> endpoint, with the following parameters:</p> <ul> <li><code>client_id</code>: the value of <code>client_id</code> provided by the call to the <b>credentials</b> endpoint</li> <li><code>client_secret</code>: the value of <code>client_secret</code> provided by the call to the <b>credentials</b> endpoint</li> <li><code>code</code>: the value of <code>device_code</code></li> <li><code>grant_type</code>: use the value "http://oauth.net/grant_type/device/1.0"</li> </ul> <h5>Example cURL call to obtain an access token:</h5> <pre>curl -X POST "https://console.online.net/oauth/v2/token" -d "<b>client_id</b>=123_987654&amp;<b>client_secret</b>=4815162342&amp;<b>code</b>=986a9e6d90e&amp;<b>grant_type</b>=http://oauth.net/grant_type/device/1.0"</pre> </li> <li> <p>Your application stores the access token and uses it for the user's subsequent visits.</p> </li> </ol> </div> </div> <div id="api_error_codes" class="api_doc tab-pane"> <h2 class="page-header">List of numeric error codes</h2> <p>In addition to the HTTP error code, errors come with a message and a numeric code. The error message is meant to be human-readable, while the numeric codes should be used by your application.</p> <table class="table table-striped"> <tbody> <tr> <th>-1</th> <td>Internal error</td> </tr> <tr> <th>1</th> <td>Missing parameter</td> </tr> <tr> <th>2</th> <td>Bad parameter value</td> </tr> <tr> <th>3</th> <td>Unknown method</td> </tr> <tr> <th>4</th> <td>Method not allowed</td> </tr> <tr> <th>5</th> <td>Bad request</td> </tr> <tr> <th>6</th> <td>Not implemented yet</td> </tr> <tr> <th>7</th> <td>Resource not found</td> </tr> <tr> <th>8</th> <td>Resource unreachable</td> </tr> <tr> <th>9</th> <td>Permission denied</td> </tr> <tr> <th>10</th> <td>Action already done</td> </tr> <tr> <th>11</th> <td>User has unpaid invoices</td> </tr> <tr> <th>12</th> <td>Too many requests</td> </tr> <tr> <th>13</th> <td>Resource creation pending</td> </tr> <tr> <th>16</th> <td>Resource busy</td> </tr> <tr> <th>17</th> <td>Conflict</td> </tr> </tbody> </table> </div> </div> </div> </div> <div class="footer clear text-right"> <p class="info text-center"> <a href="https://www.scaleway.com/en/contracts/">Contracts</a> - <a href="https://www.scaleway.com/en/legal-notice/">Legal notices</a> - <a href="https://www.scaleway.com/en/privacy-policy/">Privacy Policy</a> - <a href="https://security.scaleway.com/">Security Measures</a> - <a href="#" data-cc="c-settings">Cookie Settings</a> <br> Copyright © 1999-2025 - Scaleway SAS - BP 438 - 75366 Paris CEDEX 08 - RCS Paris B 433 115 904 </p> </div> </div> <script src="/bundles/onlineconsole/js/cookieconsent.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/cookieconsent-init.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script type="text/javascript"> $('.dropdown-toggle').dropdown(); $(document).ready(function() { function googleTagPush(googleTagEvent, eventCategory, eventAction, eventName, eventValue) { dataLayer.push({ 'event': googleTagEvent, 'event_category': eventCategory, 'event_action': eventAction, 'event_name': eventName, 'event_value': eventValue }); } function googleTagPushIfNotLocked(googleTagEvent, eventCategory, eventAction, eventName, eventValue, javascriptEvent) { if (!lock) { return; } javascriptEvent.preventDefault(); dataLayer.push({ 'event': googleTagEvent, 'event_category': eventCategory, 'event_action': eventAction, 'event_name': eventName, 'event_value': eventValue }); lock = false; $(javascriptEvent.currentTarget).click(); } function normalize_googleTag(stringToNormalize) { return stringToNormalize.normalize("NFD").replace(/[\u0300-\u036f]/g, ""); } var lock = true; $(document).on('click', '#support-create-new-ticket', function (e) { e.preventDefault(); dataLayer.push({ 'event': 'console_create_ticket', 'event_category': 'ddb_c_assistance', 'event_action': 'create_ticket', 'event_name': 'create_ticket', 'event_value': 'https://console.online.net/en/api/' }); window.location=e.currentTarget.getAttribute('href'); }); $(document).on('click', '.datacenter-options', function (e) { googleTagPush('console_datacenter_dropdown_list', 'ddb_c_products', 'datacenter_dropdown_list', e.currentTarget.value, 'https://console.online.net/en/api/'); }); $(document).on('click', '.order-server-btn', function (e) { googleTagPushIfNotLocked('console_order', 'order_dedibox_console', 'order', normalize_googleTag($(e.currentTarget).data('product-name')), 'https://console.online.net/en/api/', e); }); $(document).on('click', '#login-button', function (e) { googleTagPush('console_login', 'ddb_c_account', 'login', 'login', 'https://console.online.net/en/api/'); }); $(document).on('click', '#valid-cart', function (e) { googleTagPushIfNotLocked('console_confirm_my_command', 'ddb_c_order', 'confirm_my_command', 'confirm_my_command', 'https://console.online.net/en/api/', e); }); $(document).on('click', '.add-iban_button', function (e) { googleTagPushIfNotLocked('console_add_bank_account', 'ddb_c_order', 'add_bank_account', 'add_bank_account', 'https://console.online.net/en/api/', e); }); $(document).on('click', '#update-payment-method', function (e) { googleTagPushIfNotLocked('console_payment_method', 'ddb_c_order', 'payment_method', normalize_googleTag($("input[name='payment_mode']:checked").val()), 'https://console.online.net/en/api/', e); }); $(document).on('click', '#b2b-add-credit-card', function (e) { googleTagPushIfNotLocked('console_add_credit_card', 'ddb_c_order', 'add_credit_card', 'add_credit_card', 'https://console.online.net/en/api/', e); }); $(document).on('click', '#add-paypal-account', function (e) { googleTagPushIfNotLocked('console_add_paypal_agreement', 'ddb_c_order', 'add_paypal_agreement', 'add_paypal_agreement', 'https://console.online.net/en/api/', e); }); $(document).on('click', '#subscribe-button', function (e) { googleTagPush('console_register', 'ddb_c_account', 'register', 'register', 'https://console.online.net/en/api/'); }); $(document).on('click', '#create-user-button', function (e) { googleTagPushIfNotLocked('console_create_account', 'create_account', 'create_account', 'create_account', normalize_googleTag($('#user_form_type option:selected').val()), e); }); $(document).on('click', '#verify-email-button', function (e) { googleTagPush('console_confirm_email', 'ddb_c_account', 'confirm_email', 'confirm_email', 'https://console.online.net/en/api/'); }); $(document).on('click', '#verify-sms-button', function (e) { googleTagPushIfNotLocked('console_confirm_sms', 'ddb_c_account', 'confirm_sms', 'confirm_sms', 'https://console.online.net/en/api/'); }); $(document).on('click', '#confirm-sms-button', function (e) { googleTagPushIfNotLocked('console_confirm_sms_code', 'ddb_c_account', 'confirm_sms_code', 'confirm_sms_code', 'https://console.online.net/en/api/', e); }); $(document).on('click', '#lost-password-button', function (e) { googleTagPush('console_recovery_link', 'ddb_c_userddb_c_user', 'recovery_link', 'recovery_link', 'https://console.online.net/en/api/'); }); $(document).on('click', '#send-recovery-button', function (e) { googleTagPushIfNotLocked('console_recovery_mode', 'ddb_c_user', 'recovery_mode', normalize_googleTag($("input[name='recovery-choice']:checked").val().replace('recovery-choice-', '')), 'https://console.online.net/en/api/', e); }); $(document).on('click', '#send-lost-password', function (e) { googleTagPush('console_recovery_send', 'ddb_c_user', 'recovery_send', 'recovery_send', 'https://console.online.net/en/api/'); }); $(document).on('click', '#change-password-button', function (e) { googleTagPushIfNotLocked('console_recovery_new_password', 'ddb_c_user', 'recovery_new_password', 'recovery_new_password', 'https://console.online.net/en/api/', e); }); $(document).on('click', '#validate-recovery-code-button', function (e) { googleTagPushIfNotLocked('console_recovery_code', 'ddb_c_user', 'recovery_code', 'recovery_code', 'https://console.online.net/en/api/', e); }); }); </script> <script src="/bundles/onlineconsole/js/vue.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/vuex.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/vue-resource.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/vue-focus.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/vue-loading-bar.min.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> <script src="/bundles/onlineconsole/js/lodash.full.js?5dddec4d3155e8914ea8c24ac96926249eb362c9 "></script> </div> </body> </html>