Cyber Recovery: Updated REST Authentication Token Curl Command for Version 19.22

Issues seen after upgrading to Cyber Recovery 19.22

Customers may encounter the following symptoms when using REST‑based tools or scripts:

• Authentication token requests fail, causing REST‑based tools or scripts to stop working.
• Calls to the older endpoint below no longer return a token and generate error responses:

/cr/v7/login

• Scripts that use the previous cURL command for login cause connection or authentication errors.

Update to REST authentication endpoint in Cyber Recovery 19.22

In Cyber Recovery version 19.22, the REST authentication token endpoint has changed. The previous endpoint (/cr/v7/login) is no longer supported, and REST authentication requests fail. Scripts or tools that continue to use the old URL encounter errors because the server now needs the new endpoint (/cr/v9/auth/login) with a POST method.

• Previous authentication request (pre-19.22)

curl -k -H 'Content-Type: application/json' --data '{"username":"Account_Name","password":"Account_Password"}' https://<CR_Server>:14777/cr/v7/login

• Current authentication request (19.22 and later)

curl -k -X POST https://<CR_Server>/cr/v9/auth/login -H 'accept: application/json' -H 'Content-Type: application/json' -d '{"username":"Account_Name","password":"Account_Password"}'

The difference between the URL version used by existing scripts and the version needed by the updated API causes the failed REST‑based authentication tries.

Update REST Authentication Token Request for Cyber Recovery 19.22 and Later

Prerequisites

• Cyber Recovery (CR) version 19.22 or later
• Valid CR user account (username and password)
• Access to the CR management server network
• cURL installed on the client machine

Procedure

1. Confirm the CR version. If the version is earlier than 19.22, the legacy command may still work. For 19.22 and later, proceed with the new command.
2. Replace placeholders with your environment details:
   • IP address or hostname of the CR management server
   • Account_Name - Your CR username
   • Account_Password - Your CR password
   • Run the new authentication request using cURL:

curl -k -X POST https://<CR_Server>/cr/v9/auth/login \
     -H 'accept: application/json' \
     -H 'Content-Type: application/json' \
     -d '{"username":"Account_Name","password":"Account_Password"}'        

3. Capture the JSON response. A successful call returns a field named token (or similar) containing the bearer token.
4. Update any scripts, automation tools, or third‑party applications that previously used the legacy endpoint (/cr/v7/login) to use the new endpoint (/cr/v9/auth/login) and the token format returned above.
5. For reference on additional REST API options, open a browser to:

https://<CR_Server>:14780        

Verification

1. Store the token in a variable (example for Bash):

TOKEN=$(curl -k -s -X POST https://<CR_Server>/cr/v9/auth/login \
     -H 'accept: application/json' \
     -H 'Content-Type: application/json' \
     -d '{"username":"Account_Name","password":"Account_Password"}' | jq -r .token)        

2. Use the token to call a protected CR API endpoint, such as the system health check:

curl -k -H "Authorization: Bearer $TOKEN" https://<CR_Server>/cr/v9/health        

3. Confirm the response returns HTTP 200 and a JSON payload indicating the system is healthy. A non‑200 response suggests the token is invalid, or the request format is incorrect.