Portal Account Management API

Version: 1.5.4

Portal Account Management API Version History

Introduction

This API is reserved for WatchGuard distributors only. If you are WatchGuard Partner or Service Provider, you cannot use this API.

The Portal Account Management API is a RESTful API that you can use to manage and get information about WatchGuard Portal accounts.

This API documentation explains how to get access to the Portal Account Management API and includes examples to help you get started. For detailed information about the Portal Account Management API endpoints, see the API specification.

Get Started

This section describes how to submit requests to the Portal Account Management API.

The Portal Account Management API URL is:

https://{base API URL}/rest/portal/account-mgmt/

The base URL for WatchGuard public APIs varies by region. The base API URL for your account is provided to you by WatchGuard.

Endpoint Path Parameters

Each WatchGuard public API has a version, expressed as <major>.<minor>.<patch>. You specify the major API version, such as v1, as part of the endpoint URI path.

Authentication

WatchGuard public APIs use the Open Authorization (OAuth) 2.0 authorization framework for token-based authentication. OAuth is an open standard that provides secure access to protected resources.

To request an access token, you send a request to the WatchGuard Authentication API. The request must include your read/write or read/only access API credentials that you received from WatchGuard, encoded into base64. The string to encode must be in the form: AccessID:Password.

After you receive an access token, include the access token and your API key in the header of all requests you make to WatchGuard Public APIs.

Request an Access Token

To get an access token from the WatchGuard Authentication API, make a request to the /oauth/token endpoint.

Request Headers

You must include this information in the header of each request you make to the Portal Account Management API:

Content-Type	application/json
Accept	application/json
Authorization string required	The text "Basic" followed by a space and the API access credentials provided by WatchGuard in the format access_ID:access_pwd encoded into base64. Example: Basic dXNlcm5hbWU6N3loVHI1RHNkLWg2YTktODVnZS1nNjc4OTNoNmUwdGQ Most programming languages include functions to encode base64 strings. You can also use online tools to encode text to base64.
WatchGuard-API-Key	The API Key provided to you by WatchGuard.

Request Body

grant_type string required	The grant type value for the client credentials grant mechanism. The value must be client_credentials
scope string	The scope of the access request. If the request includes this parameter, the value must be api-access.

Example Request

curl -X POST https://api.usa.cloud.watchguard.com/oauth/token \ 
	-H 'accept: application/json' \
	-H 'Authorization: Basic dXNlcm5hbWU6N3loVHI1RHNkLWg2YTktODVnZS1nNjc4OTNoNmUwdGQ' \ 
	-H 'Content-Type: application/x-www-form-urlencoded' \
	-d 'grant_type=client_credentials&scope=api-access'

Example Response

{
	"access_token": "eyJraWQiOiJNWnpabklNK2V6Q3BXUE...",
	"token_type": "Bearer",
	"expires_in": 3600,
	"scope": "api-access",
}

Get Account Verification

/{v1}/accounts/{accountid}

Make a request to this endpoint to verify whether the specified account ID is an existing Partner account.

Path Parameters

When you send a request to this endpoint, you must include these path parameters:

accountid
string
REQUIRED

The WatchGuard Portal account ID of an existing account to verify. Must be at least 11 characters (letters, numbers, and dashes only) and begin with 'ACC-'.

Example: ACC-12345678

Example Request

This request returns information about account ID ACC-12345678:

curl -X GET
	https://api.usa.cloud.watchguard.com/rest/portal/account-mgmt/v1/accounts/ACC-12345678
	-H 'Authorization: Bearer eyJraWQiOiJNWnpabklNK2V6Q3BXUE5mM2FXTHhoSmEza0ltcEFMbnluT05DcFdIT2tZPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJjNDQyMTJlMi05MmI1LTRiOTYtYTRmNS1lYWRlODA4OTM1YjIiLCJjdXN0b206YXBpX2tleXMiOiJwMHM1UmQzUkF2NlR2d0VuWEx5YUphR2x0ZWtieEFVUzcwVGVzOXlGIiwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLXdlc3QtMi5hbWF6b25hd3MuY29tXC91cy13ZXN0LTJfa3hXeFdrTFZ5IiwiY29nbml0bzp1c2VybmFtZSI6IjAyNjk0OWM1OWI2NzIxOGNfcndfaWQiLCJhdWQiOiIzb3AybDBqazkxN3FudXFoZnVoanRvcXRzZyIsImV2ZW50X2lkIjoiODczM2ZmMjktOGNhMC00ODMyLTg0NzgtMDNiNWIxMDI3NmQ3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NjkzNTM0NDEsIm5hbWUiOiIwMjY5NDljNTliNjcyMThjX3J3X2lkIiwiY3VzdG9tOmFjY291bnRfaWQiOiJBQ0MtMTIzNTA2OCIsImV4cCI6MTU2OTM1NzA0MSwiY3VzdG9tOnJvbGUiOiIxIiwiaWF0IjoxNTY5MzUzNDQxfQ.MUAeG6QyM7Zog8mM--WK2uJVevLRwz8z2KPpGhQbUnHK04Hy_JdO4F4wH6IV0WVENGsBrcjp5boxcBZgdJE46123MGnB0HvghN5IoAZUOkfFPm7SAN68posHqYLoo14YNedc5GtvOzCxTmi9YepvE5LhsoC6Tgyc0e3ABn18gEZsyxmJFcMBHXOMei7AssYSWAdDyoI7j6jZslxmhXj7_h6T9PyqjLxLjFEq5S6oK9u4IVDVBlRxbURaRVAGb7ywfHiZEPDgceV-Wnv0AIhDzj5dL28AmiGIkWtWinF0UD-NSMKN4vtszK2sUWUSl8ZfVNGU650heiAaUAy7XmiqbA' 
	-H 'Content-Type: application/json' 
	-H 'WatchGuard-API-Key: s9t7El6RZFg8UcmRhYKdwXqBhyuioiWER83Nqd0tL'

Example Response

The response includes information about the account.

{
	"isPartner": true
}

This table shows and describes the data returned in the response:

isPartner
boolean

Specifies whether the account is a Partner account. If the account does not exist, a 404 Not Found status code is returned.

Example: true

Create a New Tier-1 Partner Account and User

/{v1}/accounts

Make a request to this endpoint to create a new tier-1 Partner account and associated user.

Request Body

When you send a request to this endpoint, you must include these request parameters:

userInfo REQUIRED	Specifies user details for the new tier-1 Partner account and associated user.
email string REQUIRED	Email address of the user. Must be between 4 and 80 characters (letters, numbers, and dashes only). Example: [email protected]
firstName string REQUIRED	First name of the user. Must be between 1 and 40 characters. Example: Yasmine
lastName string REQUIRED	Last name of the user. Must be between 1 and 40 characters. Example: Iqbal
phoneNumber string REQUIRED	Phone number of the user. Must be between 6 and 40 characters. Example: 1234567899
username string REQUIRED	User name for the new user account. The user name must be between 5 and 65 characters and can only include these characters: Alphanumeric characters without accent marks Underscore (_) Plus sign (+) Minus sign (-) Dot (.)
password string	Password for the new user account. If the password parameter is null, the user receives an email with a link to set their own password. To set the password in your API request, specify the password in this parameter. The password must include at least 12 characters, and must contain all these character types: Lowercase letters Uppercase letters Numbers Symbols The password must not include <, >, emojis, or spaces.
accountInfo REQUIRED	Specifies account details to create a new tier-1 Partner account.
companyName string REQUIRED	Name of the company.
region string REQUIRED	Region of the company. Maximum of 150 characters. This can be one of these values: APAC Americas Europe
industry string	Name of the industry of the company. Maximum of 50 characters. The default value is Others. This can be one of these values: Aerospace/Defense Business Services Computer Systems Development Data Processing E-Commerce Education Energy/Utilities/Mining Engineering/Architecture/Construction Entertainment/Publishing Finance Government Healthcare Hotel/Restaurant/Tourism Insurance/Real Estate/Legal ISP Manufacturing Marketing Network Services Non-Profit Other Computer Related Other Non-Computer Related Pharmaceutical Retail Systems Security Telecommunications Transportation Others
address string REQUIRED	Address of the account.
city string REQUIRED	Name of the city or town. Maximum of 40 characters.
country string REQUIRED	Name of the country. This can be one of these values: Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua And Barbuda Antilles Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia And Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Cook Islands Costa Rica Croatia Cuba Cyprus Czech Republic Democratic Republic of the Congo Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador England Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey, C.I. Guinea Guinea-Bissau Guyana Haiti Heard And Mcdonald Islands Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle Of Man Israel Italy Ivory Coast Jamaica Japan Jersey, C.I. Jordan Kazakhstan Kenya Kiribati Kosovo Kuwait Kyrgyzstan Laos Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Ireland Northern Mariana Islands Norway Oman Pakistan Palau Palestine Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Reunion Romania Russia Rwanda Saint Kitts And Nevis Saint Lucia Samoa San Marino Sao Tome And Principe Saudi Arabia Scotland Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Korea Spain Sri Lanka St. Helena St. Pierre And Miquelon St. Vincent And The Grenadines Sudan Suriname Svalbard And Jan Mayen Islands Swaziland Sweden Switzerland Syria Taiwan Tajikistan Tanzania, United Republic Of Thailand Togo Tokelau Tonga Trinidad And Tobago Tunisia Turkey Turkmenistan Turks And Caicos Islands Tuvalu U.S. Minor Outlying Islands Uganda Ukraine United Arab Emirates United Kingdom United States Uruguay Uzbekistan Vanuatu Vatican City State Venezuela Vietnam Virgin Islands (British) Virgin Islands, U.S. Wales Wallis And Futuna Islands Western Sahara Yemen Zambia Zimbabwe
postalCode string REQUIRED	Zip or postal code. Maximum of 20 characters.
state string	Name of the state, province, or territory. These countries require one of the states, provinces, or territories listed: Australia: ACT NSW NTT QLD SA TAS VIC WAU Brazil: ACRE ALBS AMPA AMZN BHIA CARA DFRL ESNT GOIS MARH MGSS MGDS MNSG PARA PRBA PRNA PRNB PIUI RDJN RGDN RGDS RNDA RORM SCRN SPLO SRGP TOCN Canada: AB BC MB NB NL NT NS NU ON PE QC SK YT Spain: ANDL ARGN ASTR BSQU BLRS CNRY CNTB MNCH CLYL CTLN CUTA EXTR GLCA RJLA MDRD MLLA MRCA NVRA VLNC United States: AK AL AR AZ CA CO CT DC DE FL GA HI IA ID IL IN KS KY LA MA MD ME MI MN MO MS MT NC ND NE NH NJ NM NV NY OH OK OR PA RI SC SD TN TX UT VA VT WA WI WV WY
street string	Street name.
optedInForEmail boolean	Specifies whether the user receives marketing emails from WatchGuard. The default value is false. This can be one of these values: true false

Example Request

This request returns the account ID for the new Partner account, whether the region is set, or a success email is sent.

curl -X GET
	https://api.usa.cloud.watchguard.com/rest/portal/account-mgmt/v1/accounts
	-H 'Authorization: Bearer eyJraWQiOiJNWnpabklNK2V6Q3BXUE5mM2FXTHhoSmEza0ltcEFMbnluT05DcFdIT2tZPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJjNDQyMTJlMi05MmI1LTRiOTYtYTRmNS1lYWRlODA4OTM1YjIiLCJjdXN0b206YXBpX2tleXMiOiJwMHM1UmQzUkF2NlR2d0VuWEx5YUphR2x0ZWtieEFVUzcwVGVzOXlGIiwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLXdlc3QtMi5hbWF6b25hd3MuY29tXC91cy13ZXN0LTJfa3hXeFdrTFZ5IiwiY29nbml0bzp1c2VybmFtZSI6IjAyNjk0OWM1OWI2NzIxOGNfcndfaWQiLCJhdWQiOiIzb3AybDBqazkxN3FudXFoZnVoanRvcXRzZyIsImV2ZW50X2lkIjoiODczM2ZmMjktOGNhMC00ODMyLTg0NzgtMDNiNWIxMDI3NmQ3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NjkzNTM0NDEsIm5hbWUiOiIwMjY5NDljNTliNjcyMThjX3J3X2lkIiwiY3VzdG9tOmFjY291bnRfaWQiOiJBQ0MtMTIzNTA2OCIsImV4cCI6MTU2OTM1NzA0MSwiY3VzdG9tOnJvbGUiOiIxIiwiaWF0IjoxNTY5MzUzNDQxfQ.MUAeG6QyM7Zog8mM--WK2uJVevLRwz8z2KPpGhQbUnHK04Hy_JdO4F4wH6IV0WVENGsBrcjp5boxcBZgdJE46123MGnB0HvghN5IoAZUOkfFPm7SAN68posHqYLoo14YNedc5GtvOzCxTmi9YepvE5LhsoC6Tgyc0e3ABn18gEZsyxmJFcMBHXOMei7AssYSWAdDyoI7j6jZslxmhXj7_h6T9PyqjLxLjFEq5S6oK9u4IVDVBlRxbURaRVAGb7ywfHiZEPDgceV-Wnv0AIhDzj5dL28AmiGIkWtWinF0UD-NSMKN4vtszK2sUWUSl8ZfVNGU650heiAaUAy7XmiqbA' 
	-H 'Content-Type: application/json' 
	-H 'WatchGuard-API-Key: s9t7El6RZFg8UcmRhYKdwXqBhyuioiWER83Nqd0tL'
	-d ' {
	"userInfo": {
		"email": "[email protected]",
		"firstName": "yasmine",
		"lastName": "iqbal",
		"phoneNumber": "5551234567",
		"username": "yiqbal497",
		"password": ""
	},
	"accountInfo": {
		"companyName": "Example Company",
		"region": "America",
		"industry": "Finance",
		"address": {
			"city": "Seattle",
			"country": "USA",
			"postalCode": "98104",
			"state": "WA",
			"street": "505 5th Avenue S Suite 500"
		   },
		  "optedInForEmail": true
		}
}'

Example Response

The response includes information about the account.

{
 "accountId": "ACC-12345678",
 "accountCreated": true,
 "regionSet": true,
 "emailSent": false
}

This table shows and describes the data returned in the response:

accountId string	Specifies the WatchGuard Portal account ID of the created account. Example: ACC-12345678
accountCreated boolean	Specifies whether the account is created. Example: true
regionSet boolean	Specifies whether the region is set for the created account. Example: true
emailSent boolean	Specifies whether the success email is sent to the user for the created account. Example: false

Status Codes

WatchGuard public APIs use HTTP status codes to indicate the success or failure of a request. This list includes status codes that can be returned with the Portal Account Management API and describes actions to take to resolve errors.

Status Code	Description	Action
200 Success	The request succeeded.	N/A
201 Created	The request succeeded and the resource was created.	N/A
400 Bad Request	The API does not understand the request because of bad syntax. This could be because: The request did not include a required parameter Request parameter data was not in the correct format Request parameters do not match the expected data types	To resolve this error, make sure that the request matches the expected syntax. Example: An account ID with nine characters is entered to create a new Partner account, instead of the required 11 character minimum.
401 Unauthorized	Authentication failed because credentials are missing or invalid.	Enter your credentials again, or contact WatchGuard Customer Care for assistance.
402 Forbidden	The request failed because you do not have permission to perform the action or access the resource.	Contact WatchGuard Customer Care for assistance.
404 Not Found	The resource specified in the request does not exist. Example: Your request includes an unknown account ID.	To resolve this error, make sure that the request includes a valid resource.
408 Request Timeout	The server timed out while it waited for the request.	Contact WatchGuard Customer Care for assistance.
409 Conflict	The request could not complete because of a conflict. Example: An existing user name or email address is used in the request to create a new WatchGuard Partner account.	Check your request again and make sure that every specified user name and email address is unique. Contact WatchGuard Customer Care for assistance.
500 Server Error	An error occurred on the server.	Contact WatchGuard Customer Care for assistance.