Before making other REST API requests, your REST client must make a an access token request with a valid Cohesity username and password. This POST request returns an access token and type in the response that is generated by the Cohesity Cluster. Subsequent requests to other Cohesity REST API operations must specify the returned access token and type by setting 'Authorization' in the http header in the following format:
Authorization: token_type access_token
The generated token is valid for 24 hours. If a request is made with an expired token, the 'Token expired' error message is returned. Add code to your REST client to check for this error and request another access token before reissuing the request.

Note:This endpoint is unavailable when session management is enabled.
Please use the POST /users/sessions endpoint to generate a session token for request authentication."