It seems like your browser didn't download the required fonts. Please revise your security settings and try again.


As of March 1, 2022, the legacy Barracuda Essentials Security, Compliance, and Complete editions are no longer available for purchase. Only existing customers can renew or add users to these plans.

Following October 30, 2022, the documentation and trainings will no longer be updated and will contain outdated information.

For more information on the latest Email Protection plans, see Barracuda Email Protection.

To update your bookmarks, see the following for the latest documentation and trainings:

Note that MSP customers should continue to follow Barracuda Essentials for MSPs.

Obtaining an Access Token

  • Last updated on

Returns an OAuth 2.0 access token to access the API. 

If you have not already  registered your application using the Barracuda Token Service to obtain a Client ID and Client Secret, see Registering your Application in the Barracuda Token Service.

After retrieving an access token, include it with all subsequent requests. 

Note that an access token is valid for 1 hour, after which it will expire and a new access token must be obtained. 




grant_typeRequiredOAuth grant type. This must be client_credentials.String

The list of permissions to request.
Currently supported:

  • ess:account:read
  • forensics:account:read

  • forensics:account:write

To request more than one scope, format your request with a space between scope names, as shown here:

--data-urlencode "scope=forensics:account:read forensics:account:write"
client_idRequiredYour application's Client ID generated from the Barracuda Token Service.String
client_secretRequiredYour application's Client Secret generated from the Barracuda Token Service.String



Response ItemDescriptionType
access_tokenThe access token issued by the authorization server.String
expires_inThe duration of time the token is granted for.String
token_typeThe type of token.String
scopeThe permissions assigned to the application.String

Sample Request

curl -u {client_id}:{client_secret} -X POST "" \
--header "Content-Type: application/x-www-form-urlencoded" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=ess:account:read"

Sample Response

    "access_token": "eyJhbGc3kj_iOiJSUzI1_NiIsInR5cCI6IkpXVCIsImtpZCI6IjJYSFN1VHdBZUph_VmJEWEhYLVRoQnBlbWlLZnBiUUlqNHNFWGc0X1F0NHMifQ.eyJqdGkiOiJuYVZJTC1lY0w4X0ZrTWdRR2FlWDAiLCJpYXQiOjE1OTY1NTUzNzksImV4cCI6MTU5NjU1ODk3OSwic2NvcGUiOiJ",
    "expires_in": 3600,
    "token_type": "Bearer",
	"scope": "ess:account:read"