• Register


Access MSP Public API specification Documentation here

MSP Public API provides endpoints to manage webhooks for resellers such as Managed Service Providers. Webhooks let your application receive notifications upon events happening in the Egnyte Reseller Dashboard in real time.

Before you begin making API calls, you must first authenticate to obtain a valid access token to use in subsequent requests. Our APIs use the OAuth 2.0 standard for authentication. Currently for the MSP Public APIs we support the Implicit Grant flow. Your application must cache the tokens received rather than making repeated requests for a token. Before proceeding to the Authentication process please make sure the following prerequisites are satisfied:

  • Confirm with your Egnyte Partner Account Manager about the feature availability for your MSP account.
  • Make sure that you have an active NFR domain.
  • Make sure that you have an active User on NFR domain.
  • Make sure that you have an active User on MSP Portal with Email Id same as the one used for the active User on NFR domain.
  • Make sure that you have the ClientId sent to you during Egnyte developer account registration. If you don't have an account already, please register for a developer account.
  • If you are registering for new account please pay attention to the following fields in the registration form
    • For Email field, email address used for reseller portal registration is preferred.
    • For Type field, please select the option Publicly Available Application.
    • For the Egnyte domain you will use for testing field, please provide your NFR domain name as input.
    • For the Registered OAuth Redirect URI field, please provide https://resellers.egnyte.com/accounts/login/
      • Please make sure the option Issue a new key for Egnyte Connect API is checked.
      • For the MSP API access, Egnyte Protect API key is not required. So please uncheck Issue a new key for Egnyte Protect.


Generating Access token with Implicit Grant Flow

This is a two stage flow:

  1. Initiate the Authentication Flow
  2. Extract Access Token from Response

1. Initiate the Authentication Flow

To start the flow and receive an authentication token please make a request as below:
https://<NFR_Domain>.egnyte.com/puboauth/token?client_id=<API Key>&redirect_uri=https://resellers.egnyte.com/accounts/login/&response_type=token

The variables of the request are described below.
Variable Description Required
NFR Domain This the NFR Domain that is used during registration on developers portal Yes
API Key This is the key string that was provided to you(via email) when you registered your application. Yes
redirect_uri This must be set to "https://resellers.egnyte.com/accounts/login/" Yes
response_type This must be set to "token" for this flow. Yes

For example:


With this request you will be taken to an authorization page that asks to explicitly permit the app to access the Egnyte account APIs. This page displays information about your application taken from your reseller profile. The user must provide their login credentials on this page to authorize the application.

2. Extract Access Token from Response

If the user allows the app to access the account, a redirection is made to:


Please save the access token present on the url and use it while making subsequent API requests. Store it encrypted and don't leave it in browser's localStorage.

If the user denies the app, a redirection is made to:


Subsequent Requests

Once you have an OAuth token, all subsequent API calls that you make must have the token specified in the header of the request. Set the “Authorization” field to “Bearer <Token>”. For example:

Authorization: Bearer 2v8q2bc6uvxtgghwmwvnvcp4

You should persist the OAuth token in your application, rather than making repeated calls to obtain a token for the same user. Treat the token with the same degree of care that you would a saved password.

Bearer tokens issued by Egnyte's APIs do not expire. However, if the user changes their password or explicitly revokes access, then a new token will be required. Therefore, your app must be able to deal with 401 authentication failure scenarios.

For more details on the MSP API endpoints and the payload schemas, refer MSP Public API specification Documentation.