Equinix Fabric™
-
Overview
-
How to Guide
-
Getting Started
-
Connect to AWS
-
Connect to Microsoft
-
Connect to Google
-
Connect to Oracle
-
Connect to Oracle Cloud Infrastructure Government
-
Connect to IBM
-
Connect to Alibaba
-
Connect to Enterprises
-
Connect to Myself
-
Create Service Profile
-
Approve or Reject Connection
-
Authorize Buyer to Access Private Service Profile
-
Update Bandwidth/Speed of a Connection
-
-
V3 APIs Migration
- API Reference
-
Code Samples
- Troubleshooting
-
Glossary
Getting Started
Learn the fundamentals of Equinix Fabric APIs.
Pre-requisites
- You have valid user credentials.
- You have been authorized to access the developer portal.
- You have been authorized permissions for orders and notifications and also to create, modify and delete connections by your master Admin.
Generating Client ID and Client Secret key
To obtain your client ID (consumer key) and client secret key (consumer secret), you must register your app in the developer platform according to your preferred environment.
1. Login to Equinix Developer Platform using your login credentials.
If you are unaware of your login credentials for Equinix Developer Platform, contact your local Equinix Service Desk.
2. After logging in, click on the App Dashboard section as shown below.
3. Click on the New App button.
4. You will need to name your app and then select the app type to be used, you can either create an app for the Sandbox or Production environment. Once you’re ready click on the Create button.
The sandbox environment is only a test environment that mimics the production environment and creates simulated API responses.
If you are not an existing API customer, send an email to api-support@equinix.com to gain access to Equinix sandbox.
5. You should now have your app listed in the My Apps section as shown below:
6. When you click on your app, your Client ID ( Consumer Key) and Client Secret (Consumer Secret) will be revealed.
Requesting Access and Refresh tokens
Access Token Flow
The access token is used to exchange data with the Equinix APIs and the refresh token is used to request a new access token should the access token expire. You can obtain your access token by either using the password or client credentials grant type as shown in the sample curl commands below:
The client_credentials grant type is used by users who do not want to use their Equinix login credentials (user name and user password) in exchange for an access token, whereas the password grant type is for users who are less hesitant.
Refer to https://oauth.net/2/grant-types/ for more information about the different grant types and their usage.
Access token using password grant type
curl -X
POST 'https://api.equinix.com/oauth2/v1/token'
-H "content-type: application/json"
-d '{
"grant_type": "password",
"user_name": "john.doe@example.com",
"user_password": "jd1@#$",
"client_id": "ABCDE12345",
"client_secret": "FGHIJ67890"
}'
Access token using client credentials grant type (Recommended)
curl -X
POST 'https://api.equinix.com/oauth2/v1/token'
-H "content-type: application/json"
-d '{
"grant_type": "client_credentials",
"client_id": "ABCDE12345",
"client_secret": "FGHIJ67890"
}'
The description of the body parameters is as follows:
| Body Parameter Name | Mandatory | Type | Example | Applicable Values | Description |
| grant_type | Yes | string | password |
"password" "client_credentials" |
Different ways to authorize access to resources. It indicates the type of grant to be presented in exchange for an access token. |
| user_name | Yes | string | john.doe@example.com | The Equinix login username. This field is optional for client credentials grant type. | |
| user_password | Yes | string | jd1@#$ | The Equinix login password. This field is optional for client credentials grant type. | |
| client_id | Yes | string | ABCDE12345 | A special ID generated by the Equinix Developer Platform. | |
| client_secret | Yes | string | FGHIJ67890 | A special key generated by the Equinix Developer Platform. | |
| password_encoding | No | string | md5-b64 | "md5-b64" |
An optional field for users who want to encrypt their password when requesting an access token. Currently, only “md5-b64” hashing is supported. This field is only applicable to users who use password grant.
Click here to learn how to encrypt your password using md5-b64 hashing.
|
Refer to Generating a Client ID and Client Secret key under the Getting Started section for instructions on how to create a client ID and client secret.
If you are unaware of your user credentials for the Equinix Developer Platform, contact your local Equinix Service Desk.
Once authenticated, the respective token and timeout details will be sent to you as shown in the sample JSON responses below.
Sample response when using password grant type
{
"access_token": "qwErtY8zyW1abcdefGHI",
"token_timeout": "3600",
"user_name": "john.doe@example.com",
"token_type": "Bearer",
"refresh_token": "zxcvbn1JKLMNOPQRSTU",
"refresh_token_timeout": "5184000"
}
Refresh token details will only be sent to customers that use password grant.
Sample response when using client credentials grant type
{
"access_token": "qwErtY8zyW1abcdefGHI",
"token_timeout": "3600",
"user_name": "john.doe@example.com",
"token_type": "Bearer",
}
The description of the response payload is as follows:
| Field Name | Type | Example | Applicable Values | Description |
| access_token | string | qwErtY8zyW1abcdefGHI | The authorization token to be used in subsequent API calls. | |
| token_timeout | string | 3600 | The lifetime of an access token in seconds. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated. | |
| user_name | string | john.doe@example.com | The Equinix login username. | |
| token_type | string | Bearer |
"Bearer" |
The type of token. |
| refresh_token | string | zxcvbn1JKLMNOPQRSTU | Access tokens have limited lifetimes. If your application needs access to an API beyond the lifetime of a single access token, you can obtain a refresh token. A refresh token allows your application to obtain new access tokens. This information is only applicable to "password" grant users. | |
| refresh_token_timeout | string | 5184000 | The lifetime of a refresh token in seconds. For example, the value "5184000" denotes that the refresh token will expire in 60 days from the time the response was generated. This information is only applicable to "password" grant users. |
To make a request to Equinix APIs, add the Authorization header to the HTTP request with the word "Bearer" prepended to the access token. For example with curl use, -H "Authorization: Bearer qwErtY8zyW1abcdefGHI"
Refresh Token Flow
You can use a valid refresh token to obtain new access tokens to be used in API calls. A refresh token is valid for 60 days. You must submit your Client ID, Client Secret and Refresh Token to obtain refresh access tokens as shown in the sample curl command below.
curl -X
POST 'https://api.equinix.com/oauth2/v1/refreshaccesstoken'
-H "content-type: application/json"
-d '{
"client_id": "ABCDE12345",
"client_secret": "FGHIJ67890",
"refresh_token": "zxcvbn1JKLMNOPQRSTU"
}'
The description of the body parameters are as follows:
| Body Parameter Name | Mandatory | Type | Example | Applicable Values | Description |
| client_id | Yes | string | ABCDE12345 | A special ID generated by the Equinix Developer Platform. | |
| client_secret | Yes | string | FGHIJ67890 | A special key generated by the Equinix Developer Platform. | |
| refresh_token | Yes | string | zxcvbn1JKLMNOPQRSTU | A refresh token allows your application to obtain a new access token and is provided in the response payload of an access token call. |
Once requested, a new set of access token, refresh token, and timeout details will be sent to you.
{
"access_token": "1abcdefGHIqwErtY8zyW",
"token_timeout": "3600",
"user_name": "john.doe@example.com",
"token_type": "Bearer",
"refresh_token": "1JKLMNOPQRSTUzxcvbn",
"refresh_token_timeout": "5184000"
}
Refer to Generating a Client ID and Client Secret key under the Getting Started section for instructions on how to create a client ID and client secret.