# Overview & authentication

**The REST API in Xopero ONE exposes programmatic endpoints tailored for DevOps ecosystems — using standard HTTP requests and structured responses, external systems, scripts, and automation tools can retrieve information about protected resources, backup jobs, repositories, and storage configuration, as well as trigger selected management actions.**

***

## General information

REST (Representational State Transfer) is an architectural style for designing application programming interfaces (APIs) that use HTTP requests to interact with and perform operations on resources identified by URLs. With a REST API, data can be created, read, updated, or deleted using the HTTP methods such as POST, GET, PUT, and DELETE.

The **Xopero ONE** REST API allows users to manage backups for **Git** services such as **GitHub**, **GitLab**, **Azure DevOps**, and **Bitbucket**. With the REST API, you can list **Git** organizations, check the status of an organization’s backup plans, modify backup plans, activate licenses for selected repositories, and perform other related operations.

The REST API can be used by any user with the **System Administrator** role who is registered in the same **Xopero ONE** instance. Some requests require accounts with additional permissions, which are specified in the request description.

**Xopero ONE** REST API endpoints use the POST HTTP method.

***

## Authentication

**Xopero ONE** REST API requires API authentication and API authorization.

Authentication is done by sending a POST sign-in request. The sign-in request generates an access token, which is required to authorize all subsequent API requests.

{% hint style="info" %}
You can find full POST sign-in request documentation [here](https://helpcenter.xopero.com/xopero-one-en/management/available-api-requests#post-account-login).
{% endhint %}

{% hint style="warning" %}
The access token generated with the POST sign-in request is valid for 30 days.
{% endhint %}

For example, to use an access token in a POST `getMany` request in **Postman**, open the **Authorization** tab, select **Bearer Token** as the authorization type, and paste the access token in the **Token** field. Then, adjust the required parameters and send the request. The access token includes the necessary permissions to perform the endpoint’s operation.

<figure><img src="https://319733277-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F0CBTl43C3OO6ySL1DJ6k%2Fuploads%2FjE6fNpCYedBG8eEiPCKE%2Fimage.png?alt=media&#x26;token=4f458984-b868-48a1-bed2-f5d5b66b6b5b" alt=""><figcaption></figcaption></figure>

***

## API endpoints&#x20;

Requests can be sent to the following API endpoints.

{% hint style="info" %}
Full API request documentation is available in [this article](https://helpcenter.xopero.com/xopero-one-en/management/rest-api-for-devops-ecosystems/available-api-requests).
{% endhint %}

| HTTP method and path                     | Description                                                             |
| ---------------------------------------- | ----------------------------------------------------------------------- |
| `POST /account/login`                    | Log in to **Xopero ONE Management Service** and obtain an access token. |
| `POST /git/organizations/getmany`        | List **Git** organizations integrated with **Xopero ONE**.              |
| `POST /plans/listassignedtoorganization` | List all backup plans assigned to the selected **Git** organization.    |
| `POST /plans/attachgitrepository`        | Attach a repository to a backup plan.                                   |
| `POST plans/AttachAzureProject`          | Attach an **Azure DevOps** project to a backup plan.                    |
| `POST /plans/detachgitrepository`        | Remove a repository from a backup plan.                                 |
| `POST plans/DetachAzureProject`          | Remove an **Azure DevOps** project from a backup plan.                  |
| `POST /plans/modifygitplan`              | Edit settings of an existing backup plan.                               |
| `POST plans/ModifyAzurePlanAsync`        | Edit settings of an existing **Azure DevOps** backup plan.              |
| `POST /git/repositories/getmany`         | Retrieve a list of the selected **Git** organization's repositories.    |
| `POST /git/repositories/activate`        | Activate licenses for selected repositories.                            |
| `POST /git/repositories/deactivate`      | Deactivate licenses for selected repositories.                          |
| `POST /git/repositories/remove`          | Remove a repository from the **Xopero ONE** system.                     |
| `POST /git/repositories/sync`            | Synchronize organization data with the **Xopero ONE** system.           |

***

## Useful links and items

{% content-ref url="available-api-requests" %}
[available-api-requests](https://helpcenter.xopero.com/xopero-one-en/management/rest-api-for-devops-ecosystems/available-api-requests)
{% endcontent-ref %}