Create a child workspace (for MSPs)
A Coro workspace is a virtual environment that encapsulates all related information for an organization. You can create a workspace for each customer to connect to cloud applications, add protected users, and define settings and policies.
Get your credentials
You need a client ID and client secret to authenticate with the API and to obtain your bearer token for successful API requests. For details, see Authentication.
Make sure you also know the channel workspace ID to use when creating a new child workspace. You can find this though the Coro console, in User profile > My Workspaces.
Choose your programming language
Decide which language or environment you want to use to develop apps that use the Coro API.
Request your authentication token
Make a POST request to the /oauth/token resource endpoint using your Client ID and Client Secret. Each token is valid for 24 hours.
The request should appear similar to:
curl -i -X POST \
https://api.secure.coro.net/oauth/token \
-H 'Content-Type: application/json' \
-d '{
"client_id": "2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak",
"client_secret": "9c9Dabz5nQT65LXfYt_61wxb9UssT7tpzTM-gVB4RJZB9gKDf1_TjO6o3eLcBaba",
"audience": "https://api.secure.coro.net",
"grant_type": "client_credentials"
}'const resp = await fetch(
`https://api.secure.coro.net/oauth/token`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
client_id: '2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak',
client_secret: '9c9Dabz5nQT65LXfYt_61wxb9UssT7tpzTM-gVB4RJZB9gKDf1_TjO6o3eLcBaba',
audience: 'https://api.secure.coro.net',
grant_type: 'client_credentials'
})
}
);
const data = await resp.json();
console.log(data);The following table describes the parameters in the request:
| Parameter | Description | Type | Example | Required |
|---|---|---|---|---|
client_id | The unique identifier for the client. This value is provided by Coro support. | query | 2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak | yes |
client_secret | The secret for the client. This value is provded by Coro support. | query | 9c9Dabz5nQT65LXfYt_61wxb9UssT7tpzTM-gVB4RJZB9gKDf1_TjO6o3eLcBaba | yes |
audience | The URL for the Coro API server. | https://api.secure.coro.net | query | yes |
grant_type | The method by which you want to request a bearer token for authentication. At this time, Coro only supports client_credentials. | query | client_credentials | yes |
A successful response appears similar to:
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked
{
"access_token":"TRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNj.dcukG0cw3eh4jqEMCwxZ2N3mziZ2hpFbv4--VYrXA3Q",
"token_type":"Bearer",
"expires_in":86400
}The following table describes the parameters in the response:
| Parameter | Description | Example |
|---|---|---|
access_token | The access token used to access API resources. | TRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNj.dcukG0cw3eh4jqEMCwxZ2N3mziZ2hpFbv4--VYrXA3Q |
token_type | The type of token. | Bearer |
expires_in | The expiration time of the token, in seconds. Each token is valid for 24 hours. | 86400 |
Create a new workspace
Each workspace represents a separate organization. Create a child workspace for each of your customers. Make a POST request to the /workspaces resource endpoint.
The request should appear similar to:
curl -i -X POST \
https://api.secure.coro.net/v1/workspaces \
-H 'Authorization: Bearer <access_token>' \
-H 'Content-Type: application/json' \
-H 'Workspace: channelWorkspace' \
-d '{
"companyName": "company1",
"displayName": "company1",
"type": "child",
"domain": "company1Workspace.com",
"adminEmail": "admin@company1Workspace.com",
"maxProtectedUsers": 25,
"notificationsLevel": "parent"
}'const resp = await fetch(
`https://api.secure.coro.net/v1/workspaces`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
Workspace: 'channelWorkspace',
Authorization: 'Bearer <access_token>'
},
body: JSON.stringify({
companyName: 'company1',
displayName: 'company1',
type: 'child',
domain: 'company1Workspace.com',
adminEmail: 'admin@company1Workspace.com',
maxProtectedUsers: 25,
notificationsLevel: 'parent'
})
}
);
const data = await resp.json();
console.log(data);The following table describes the parameters in the request:
| Parameter | Description | Type | Example | Required |
|---|---|---|---|---|
Workspace | The channel workspace identifier, which isolates API requests inside the provided workspace scope. | header | channelWorkspace | yes |
companyName | The name of the company for which the workspace is created. | query | company1 | yes |
displayName | The name displayed for the workspace from the user interface. | query | company1 | yes |
type | The type of workspace being created. Options include: regular - for individual companies; channel - for the MSP parent level; child - for MSP customers. | query | child | yes |
domain | The workspace domain. | query | company1Workspace.com | yes |
adminEmail | The email of the administrator who manages the workspace. | query | admin@company1Workspace.com | yes |
maxProtectedUsers | The maximum number of users allowed in the workspace. | query | 25 | no |
notificationsLevel | The workspace admins who will receive notifications. Options include: none, parent, all. | query | parent | yes |
A successful response appears similar to:
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked
{
"id": "company1Workspace",
"companyName": "company1",
"displayName": "company1",
"type": "child",
"domain": "company1Workspace.com",
"maxProtectedUsers": 25,
"notificationsLevel": "parent"
"parentWorkspaceId": "string",
"protectedDevices": 0,
"children": [
"string"
],
"mainAdminEmail": "string",
"adminEmails": [
"string"
],
"lastAdminLoginTime": 1693562400000,
"workspaceCreationTime": 1641009600000
}The following table describes the parameters in the response:
| Parameter | Description | Example |
|---|---|---|
id | The unique identifier of the new workspace. | companyWorkspace |
companyName | The name of the company for which the workspace is created. | company1 |
displayName | The name displayed for the workspace from the user interface. | company1 |
type | The type of workspace being created. Options include: regular - for individual companies; channel - for the MSP parent level; child - for MSP customers. | child |
domain | The workspace domain. | company1Workspace.com |
maxProtectedUsers | The maximum number of users allowed in the workspace. | 25 |
notificationsLevel | The workspace admins who will receive notifications. Options include: none, parent, all. | parent |
parentWorkspaceId | The unique identifier of the parent workspace, if applicable. | parentWorkspace |
protectedDevices | The number of protected devices in the workspace. | 215 |
children | The child workspaces associated with the workspace, if applicable. | company1Workspace_sub1 |
mainAdminEmail | The initial admin email address provided when the workspace was created. | admin1@company1workspace.com |
adminEmails | The email addresses of all admins associated with the workspace. | admin2@company1workspace.com |
lastAdminLoginTime | The most recent login to the workspace by an admin user, in UNIX format, including milliseconds. | 1693562400000 |
workspaceCreationTime | The date the workspace was created, in UNIX format, including milliseconds. | 1641009600000 |
Add protected users
Add protected users to the workspace to protect and monitor their activities. Make a POST request to the /users resource endpoint. Up to 200 users can be added in a single request.
The request should appear similar to:
curl -i -X POST \
https://api.secure.coro.net/v1/users \
-H 'Authorization: Bearer <access_token>' \
-H 'Content-Type: application/json' \
-H 'Workspace: company1Workspace' \
-d '{
"users": [
{
"email": "test@test.com",
"name": "Harry Owen"
}
]
}'const resp = await fetch(
`https://api.secure.coro.net/v1/users`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
Workspace: 'company1Workspace',
Authorization: 'Bearer <access_token>'
},
body: JSON.stringify({
users: [
{
email: 'awiggin@company1.com',
name: 'Andrew Wiggin'
}
]
})
}
);
const data = await resp.json();
console.log(data);The following table describes the parameters in the request:
| Parameter | Description | Type | Example | Required |
|---|---|---|---|---|
Workspace | The workspace identifier, which isolates API requests inside the provided workspace scope. | header | company1Workspace | yes |
users -> email | The user's email. | query | awiggin@company1.com | yes |
users -> name | The user's name. | query | Andrew Wiggin | no |
A successful response appears similar to:
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked
{
"users": [
{
"id": "62ff9653efef4b3ae04ab25e",
"email": "awiggin@company1.com",
"name": "Andrew Wiggin",
"protectedUser": true
}
]
}The following table describes the parameters in the response:
| Parameter | Description | Example |
|---|---|---|
users -> id | The unique identifier of the user. | 62ff9653efef4b3ae04ab25e |
users -> email | The user's email. | awiggin@company1.com |
users -> name | The user's name. | Andrew Wiggin |
users -> protectedUser | The protection status of the user. Options include: true - protected; false - not protected. | true |