Introduction
    • Dark
      Light

    Introduction

    • Dark
      Light

    Article Summary

    The Backblaze Partner API empowers you to programmatically create and manage a large number of Backblaze B2 Cloud Storage accounts and groups within your applications. This API will allow you to provide a more seamless experience for your customers while offering greater ease of administration for your business.

    For more information about the Partner API and specific how-to guides, click here.

    The Backblaze Partner API enables you to automate the following:

    • Account creation (adding Group members).
    • Organizing accounts in Groups.
    • Listing Groups.
    • Listing Group members.
    • Ejecting Group members.

    Prerequisites

    If you’re familiar with Backblaze, getting started is straightforward:

    For additional information, we’ve provided detailed documentation on each of these steps, as well as for each API call and the Usage Reports. You can find links to all these documents in the left hand navigation.

    Authentication

    The Backblaze Partner API requires the use of an API token to authenticate requests. In order to obtain an API token, you must first generate a Master Application Key. Please refer to Create a Master App Key for the Partner API that walks you through the Master Application Key creation process. After obtaining your Master Application Key, you will then make a request upon the b2_authorize_account endpoint in order to obtain your API token. 

    Request and Response Formats

    The following request and response values are possible using the Partner API.

    Status Codes

    For all calls to the Partner API, the HTTP status code that is returned indicates success or failure. Unsuccessful calls return a JSON error structure in the body of the response that includes the status, a "code" that is a short string, and a "message" intended only for humans.

    A status of 200 (OK) means success. Any code in the 400 or 500 range is a failure. See the section below on Error Handling for details. At present, the Partner API does not use redirects (status codes in the 300 range).

    Error Handling

    Failures to connect to the Backblaze servers, and networking problems in general can cause errors, which are reported in the normal way.

    If you get a response from the Partner API, the HTTP status code will tell you whether it is an error or not. A 200-series status code, such as 200 (OK), or 204 (No Content), means that the call was successful. For most calls, a successful response will have status 200 and contain the JSON that is described in the API documentation. A 204 status code indicates that the call was successful, but there is no JSON content in the response. Any code outside the 200-series is an error, and the response will contain a JSON error structure indicating what went wrong. 

    HTTP Status Codes

    The documentation for each API includes information on specific errors returned for that API; the general classes of errors are included in the following table:

    200The request was successful, and the response contains the JSON structure described in the page for the call.
    204The request was successful, and the response is empty.
    400BAD REQUEST
    There is a problem with a passed in request parameters - the JSON error structure returned will contain an error code of bad_request and a human-readable error message describing the problem.
    401UNAUTHORIZED
    When calling b2_authorize_account, this means that there was something wrong with the applicationKeyId or with the Application Key that was provided. The code unauthorized means that the Application Key is bad. The code unsupported means that the Application Key is only valid in a later version of the API.
    For all other API calls, the code returned tells you what to do. The code unauthorized means that the auth token is valid, but does not allow you to make this call with these parameters. When the code is either bad_auth_token or expired_auth_token you should call b2_authorize_account again to get a new auth token.
    When calling b2_authorize_account, this means that there was something wrong with the applicationKeyId or with the application key that was provided. The code unauthorized means that the application key is bad. The code unsupported means that the application key is only valid in a later version of the API.
    For all other API calls, the code returned tells you what to do. The code unauthorized means that the auth token is valid, but does not allow you to make this call with these parameters. When the code is either bad_auth_token or expired_auth_token you should call b2_authorize_account again to get a new auth token.
    408REQUEST TIMEOUT
    The service timed out trying to read your request.
    429TOO MANY REQUESTS
    Backblaze B2 may limit API requests on a per-account basis.
    500INTERNAL ERROR
    An unexpected error has occurred.
    503SERVICE UNAVAILABLE
    The service is temporarily unavailable. The human-readable message identifies the nature of the issue, in general we recommend retrying with an exponential backoff between retries in response to this error.

    The following example shows a JSON error response:

    {
        "status" : 400,
        "code" : "invalid_group_id",
        "message" : "group Id is invalid or is not authorized"
    }

    Was this article helpful?