The following are a few FAQs to provide insights into the Basic Authentication Deprecation notice and its impact on user accounts with 2-Factor Authentication (2FA) enabled or 2FA forced.
The Basic Authentication Deprecation notice is a notification that significant changes are being made to IONOS APIs and SDKs authentication methods. Starting from February 1, 2024, the newly introduced token management feature will generate authentication tokens from the DCD, and the Basic Authentication function will be disabled for all 2FA-enabled or 2FA-forced users effective March 15, 2024.
The 2FA is enabled or forced on user accounts to enforce improved security while accessing IONOS DCD, APIs an SDKs. Hence, when the 2FA is enabled, access to IONOS' APIs and SDKs is allowed only through an authentication token, and Basic Authentication is deprecated.
After March 15, 2024, users with 2FA enabled or forced will undergo the following changes:
The existing tokens created via the Auth API will not be supported anymore.
Authentication to IONOS' APIs and SDKs is only allowed by the Authorization token that is generated from the Token Manager in the DCD.
Requesting authorization via Basic Authentication across IONOS' APIs and SDKs will not be supported by the end of 2024.
To improve user security, use the Token Manager to Generate authentication token.
Token generation via IonosCTL will not be allowed.
No, users without 2FA enabled or forced are not impacted by the Basic Authentication deprecation. Such users can continue to use Basic Authentication to access IONOS' APIs and SDKs. However, it is recommended to use 2FA for improved user security and use the Token Manager to generate authentication tokens.
To continue using IONOS' APIs and SDKs, you must request authorization through tokens that can be generated from the new Token Manager in the DCD, available from February 1, 2024. For more information, see Manage Authentication Tokens .
Using the API/SDK Authentication Token Manager, you can generate new tokens, list all tokens, and delete tokens. A new token is valid for its defined Time To Live (TTL) duration. Using these tokens, 2FA enabled or forced user accounts can authenticate to use IONOS' APIs and SDKs.
In the DCD, go to Management > Token Management. In the API/SDK Authentication Token Manager, use the Generate Token option to create a token.
You can continue using Basic Authentication till the end of 2024. However, a grace period is not possible for the users with 2FA enabled. The new token management is available effective February 1, 2024, and to continue using IONOS APIs and SDKs, you must transition to the new token management by March 15, 2024. If you do not take action by this date, you will no longer be able to access IONOS' APIs and SDKs.
Currently, the token generated from the Token Manager in the DCD is valid for a maximum of one year. There is no provision for extending this duration. You will need to renew your tokens as needed.
This change primarily applies to 2FA enabled or forced user accounts across IONOS' APIs and SDKs that were using Basic Authentication for authorization. Other services and APIs continue to have their authentication methods and policies.
No, after the deprecation date (March 15, 2024), Basic Authentication tokens will no longer be valid for authorization for 2FA-enabled and forced users. You must switch to using tokens provided by the Token Manager.
This change enhances user security by moving away from Basic Authentication, which is considered less secure, and by providing a more streamlined and user-friendly token management system for APIs and SDKs access. It helps protect user data and accounts.
For more information or assistance with this transition, you can contact IONOS Cloud Support or see Deprecation of Basic Authentication documentation.
For the Token Management APIs, if you have 2-Factor Authentication configured, then you are no longer allowed to create or delete tokens using this API. You can use the Token Manager in the Data Center Designer (DCD) to create or delete the tokens.
Attention:
Starting from March 15, 2024, authorization via Basic Auth will be discontinued for the users with 2-Factor Authentication enabled.
For users:
With 2-Factor Authentication disabled for their accounts, we will continue to support Basic Authentication till the end of 2024. We highly recommend to enable 2FA to improve the user security.
With 2-Factor Authentication enabled on their accounts, we recommend requesting token authorization through the Token Manager in the Data Center Designer (DCD). The Token Manager allows users to create, list, and delete tokens based on the defined Time To Live (TTL). For more information, see Authentication token attributes. This transition ensures a secure and hassle-free authorization process for enhanced account security.
User accounts can authenticate to IONOS' APIs and SDKs only by generating authentication tokens via API/SDK Authentication Token Manager in the DCD if they:
have started the process of configuring 2FA on their account.
have completed the 2FA process on their account.
have a 2FA process obligated by the contract owner or administrator.
For more information, see Manage Authentication Tokens.
This change affects the other API actions in the following ways:
API actions such as Create new tokens, Delete tokens by criteria, Delete tokens will not be allowed.
Token generation via IonosCTL will not be allowed.
Note:
IONOS' APIs and SDKs support users to authenticate using the Basic Authentication support for non-2FA enabled and forced accounts, which will be available till this year's end.
For 2FA enabled and forced users, once the TTL expires, the tokens cannot be refreshed automatically. You need to generate a new authentication token via DCD.
Effective March 15, 2024, the Basic Authentication will not be supported for user accounts with 2FA enabled or forced, and only tokens generated from the Token Manager authenticate users to use the IONOS' APIs and SDKs. This update to APIs and SDKs authentication methods and token management is aimed at enhancing user security.
The new API/SDK Authentication Token Manager is available from February 1, 2024. For more information, see Manage Authentication Tokens.
Impacted users are encouraged to try out generating authentication tokens via API/SDK Authentication Token Manager and familiarize themselves with the new authorization method and token generation. This transition ensures a more secure and hassle-free user experience.
You are encouraged to activate 2FA to ensure secure access to your infrastructure. The APIs/ SDKs will support account security by working with tokens that can only be retrieved from the Authentication Token Manager.
All user accounts with currently 2FA enabled or forced are impacted by the Basic Authentication deprecation. New users and existing users opting for the 2FA going forward will also be impacted by this change.
The significant changes to IONOS APIs and SDKs authentication methods and token management require impacted users with 2FA enabled or forced to take the following mandatory actions:
To get started with generating authorization tokens using the API/SDK Authentication Token Manager that is available in the DCD starting February 1, 2024.
Effective March 15, 2024, only these tokens let users authenticate and use the IONOS' APIs and SDKs. The Token Manager allows you to create, list, and delete tokens. For more information, see Generate authentication token.