Getting Access Token

Learn the fundamentals of Customer Resource Hierarchy APIs.

Important Update on the Access Token API:

Access Token: As of January 8, 2024, we deprecated the use of 'password grant type' for generating new access tokens. The end-of-life support will end on January 7, 2025, and API calls will be retired and removed after this date. If you currently use the password grant type, we highly recommend migrating to client credential flow to avoid impacting your integration.

If you have any questions, contact Equinix API support @ api-support@equinix.com.

Equinix APIs use OAuth 2.0 protocol to authenticate the requests you make to API endpoints. In order to interact with Equinix APIs, you need a bearer access token. Bearer determines the type of authentication scheme and is a part of the OAuth 2.0 protocol.

Prerequisites

Interacting with Equinix products over API requires:

  • Equinix portal account.
  • Product-specific create, modify and delete permissions. Contact your organization's primary administrator and request access permissions.

Generate Client ID and Client Secret

Client ID and Client Secret are necessary to obtain tokens that authorize your API requests. To generate a Client ID (Consumer Key) and Client Secret (Consumer Secret), register your app in the Developer Settings section of the Equinix Portal.

To register app:

  1. Log in to Equinix Portal.
  1. From the global navigation menu, select Developer Settings > Apps to display apps details.

API License Agreement
Before using the platform and APIs for the first time, you must read and accept the displayed API license agreement. Once you have accepted the agreement, you can find it in the Additional Information section.

  1. Click Create New App.


  2. Provide app name, select app environment type (Sandbox or Production), and click Create.



Sandbox simulates the production environment. You can use it to test your API integration if you're an API-enabled customer.

The Sandbox environment is not supported for Fabric customers.


  1. Click your app tile to open its details.

  2. Click Show (eye icon) to view your Consumer Key and Consumer Secret.

Request Access and Refresh Tokens

Access Token

Access token is used to authorize your API requests. You can request a token using either client credentials (recommended) or password grant type DEPRECATED.

For more information on grant types, see OAuth Grant Types.

Sample curl request - client credentials grant type (recommended)

Copy 
curl -X
POST 'https://api.equinix.com/oauth2/v1/token'
-H 'content-type: application/json'
-d '{
    "grant_type": "client_credentials",
    "client_id": "ABCDE12345",
    "client_secret": "FGHIJ67890"
}'

DEPRECATED

Sample curl request - password grant type

Copy 
curl -X
POST 'https://api.equinix.com/oauth2/v1/token'
-H 'content-type: application/json'
-d '{
    "grant_type": "password",
    "client_id": "ABCDE12345",
    "client_secret": "FGHIJ67890",
    "user_name": "john.doe@example.com",
    "user_password": "jd1@#$"
}'

DEPRECATED

For increased security, you can provide an MD5 hash of your password encoded using Base64 encoding.

Sample curl request - password grant type with hashed password string

Copy 
curl -X
POST 'https://api.equinix.com/oauth2/v1/token'
-H 'content-type: application/json'
-d '{
    "grant_type": "password",
    "client_id": "ABCDE12345",
    "client_secret": "FGHIJ67890",
    "user_name": "john.doe@example.com",
    "user_password": "pJThQGD0QG7R0iedSipwIA==",
    "password_encoding": "md5-b64"
}'

Example python script for generating password hash:

Copy 
import hashlib
import base64

a = hashlib.md5('jd1@#$'.encode('utf8'))
b = base64.b64encode(a.digest()).decode()
print(b)

Body parameters

Parameter
Description
grant_type string
REQUIRED		 Different ways to authorize access to resources.
Applicable values:
  • client_credentials
  • password DEPRECATED
client_id string
REQUIRED		 Client application identifier. For information on how to generate and retrieve client application identifier, see Generate Client ID and Client Secret.
Example: ABCDE12345
client_secret string
REQUIRED		 Authorization key associated with an application instance. For information on how to generate and retrieve client application secret, see Generate Client ID and Client Secret.
Example: FGHIJ67890
user_name string
CONDITIONAL		 Your Equinix account username. Applicable to the password grant type DEPRECATED.
Example:john.doe@example.com
user_password string
CONDITIONAL		 Your Equinix account password. Applicable to the password grant type. DEPRECATED
Example: jd1@#$
password_encoding string
OPTIONAL		 A hashing algorithm and encoding applied to the password string. Applicable to the password grant type. DEPRECATED
Applicable values: md5-b64

Sample response - client credentials grant type

Copy 
{
    "access_token": "qwErtY8zyW1abcdefGHI",
    "token_timeout": "3600",
    "user_name": "john.doe@example.com",
    "token_type": "Bearer"
}

DEPRECATED

Sample response - password grant type

Copy 
{
    "access_token": "qwErtY8zyW1abcdefGHI",
    "token_timeout": "3600",
    "user_name": "john.doe@example.com",
    "token_type": "Bearer",
    "refresh_token": "zxcvbn1JKLMNOPQRSTU",
    "refresh_token_timeout": "5184000"
}

Response payload body description

Parameter
Description
access_token string API requests authorization token.
Example: qwErtY8zyW1abcdefGHI
token_timeout string Authorization token lifetime expressed in seconds.
Example: 3600
user_name string Equinix account username.
Example:john.doe@example.com
token_type string Authorization token type.
Example: Bearer
refresh_token string Refresh token used to obtain a new access token once it expires.
Example: zxcvbn1JKLMNOPQRSTU
refresh_token_timeout string Refresh token lifetime expressed in seconds.
Applicable values: 5184000

Refresh Token

Use a refresh token to obtain a new access token.

Sample curl request - retrieve access token using a refresh token

Copy 
curl -X
POST 'https://api.equinix.com/oauth2/v1/refreshaccesstoken'
-H 'content-type: application/json'
-d '{
    "client_id": "ABCDE12345",
    "client_secret": "FGHIJ67890",
    "refresh_token": "zxcvbn1JKLMNOPQRSTU"
}'‌‌

Body parameters

Parameter
Description
client_id string
REQUIRED		 Client application identifier. For information on how to generate and retrieve client application identifier, see Generate Client ID and Client Secret.
Example: ABCDE12345
client_secret string
REQUIRED		 Authorization key associated with an application instance. For information on how to generate and retrieve client application secret, see Generate Client ID and Client Secret.
Example: FGHIJ67890
refresh_token string
REQUIRED		 Refresh token used to obtain a new access token once it expires.
Example: zxcvbn1JKLMNOPQRSTU

Use Access Tokens

To interact with Equinix API, make sure to include the Authorization header in the HTTP request.

Sample curl request - an inbound shipment

Copy 
curl -X
POST "https://api.equinix.com/colocations/v2/orders/shipments"
-H "content-type: application/json"
-H "authorization: Bearer qwErtY8zyW1abcdefGHI"
-d '{
    "type": "INBOUND",
    "requestedDateTime": "2020-11-02T10:45:41Z",
    "cageId": "AM1:01:000111",
    "details": {
    "carrier": "CUSTOMER_CARRIER",
    "numberOfBoxes": 2
    }
}'‌