Baruwa API

The Baruwa API allows you to manage a Baruwa Server, programmatic way using conventional HTTP requests. The endpoints are intuitive and powerful, allowing you to easily make calls to retrieve information or to execute actions. The Baruwa API is organized around REST and uses OAUTH 2.0 authentication. It is therefore possible to use off-the-shelf HTTP clients in any programming language.

Most of the functionality that you are familiar with in the Baruwa web interface is also available through the API, allowing you to script the complex actions that your situation requires.

How Baruwa uses OAuth 2.0

OAuth is an industry-standard open standard for authorization used by many companies to provide secure access to protected resources. The Baruwa API uses the OAuth 2.0 protocol to authorize requests.

Here is an overview of how the OAuth 2.0 auth flow works:


Application registration

Register your application by logging into the Baruwa web interface, and by going to the API & Applications menu under the user account.

When you create a new application, Baruwa generates a set of OAuth keys for the application (the keys consist of a client_id and client_secret).

Access token requests

You then obtain an access token for your application by sending a request to the /api/v1/oauth/token endpoint. You need to authenticate your access token request with your application credentials obtained as described above.

The Baruwa server, acting as the authorization server, verifies your application credentials and returns Bearer and Refresh access tokens.

API request authentication

When you make the API calls, make request by adding the access token in the Authorization header using the following syntax:

Authorization: {tokenType} {accessToken}


Authorization: Bearer XXXXXX...XXXXX9X2

Release Status

The API is still in Beta. Please note that during this period based on user feedback we may make some large changes which may break compatibility.


The Baruwa API documentation is available online.