disguise developers

Authentication

All endpoints on Disguise Cloud are protected by authentication. To authenticate your requests, you will need an API token. You can generate an API token in the Cloud Dashboard.

Please Note: The API is available to all users on an organisation that are either an admin or an owner on that organisation. If you are not an admin or owner, you will need to request access from an admin or owner before you can use the API.

Token Scope

API tokens are scoped to an organisation and the user that generated it. This means that an API token can only be used to access resources within the organisation that it was generated for. This by extension gives access to all resources that the organisation has access to (e.g. drives, the content inside those drives, etc.).

If you need to access resources in multiple organisations, you will need to generate a separate API token for each organisation.

Generating an API Token

To generate an API token, follow these steps:

  1. Log in to the Cloud Dashboard.
  2. Navigate to your desired organisation by clicking on your organisation’s name in the top right corner.
  3. Click on the Settings tab.
  4. Click on the Integrations tab.
  5. Here you can see all the API tokens that have been generated for your organisation. To generate a new API token, click on the Create New Token button at the top right.
  6. On the next page, give the token a name and click Create.
  7. Your new API token will be displayed on the next page.
    • Please Note: This is the only time you will be able to see the token, so make sure to copy it and store it in a safe place!
  8. Once you have copied the token, click Back to return to the list of API tokens.

Revoking an API Token

There may be cases where you need to revoke an API token. Revoking a token will immediately invalidate it, please ensure any services or applications using the token are updated with a new token before revoking it if they are still required.

If you need to revoke an API token, follow these steps:

  1. Log in to the Cloud Dashboard.
  2. Navigate to your desired organisation by clicking on your organisation’s name in the top right corner.
  3. Click on the Settings tab.
  4. Click on the Integrations tab.
  5. Here you can see all the API tokens that have been generated for your organisation. To revoke an API token, click on the Trash icon next to the token you want to revoke.
  6. A confirmation dialog will appear. Click Confirm to revoke the token.

Using the API Token

To use the API token in your requests, you will need to include it in the Authorization header of your HTTP requests. The header should be in the following format:

Authorization: Token YOUR_API_TOKEN

Replace YOUR_API_TOKEN with the API token you generated in the Cloud Dashboard.

An example of how to use the API token in a cURL request is shown below:

curl -X GET https://api.disguise.cloud/v1/self \
-H "Authorization: Token YOUR_API_TOKEN"