Jump to content
Updated Privacy Statement
  • 1

What is the right API call to request the Bearer Token (CWSAuth)?

Danny Wannagat




How can I get the CWSAuth Token via an API call?

I have the Client ID and the Client Secret.


But that I can't use to authenticate for API calls (http get) like:





I need the CWSAuth token for that.


How can I programatically get that? C# example appreciated.


Kindest regards


Link to comment

1 answer to this question

Recommended Posts

  • 3

@Danny Wannagat


The endpoint to be used to generate Bearer Token is;
https://trust.citrixworkspacesapi.net/{customer}/tokens/clients where you have to replace {customer} with your customer Id. You can make a POST request to the above endpoint with ClientId and ClientSecret as part of a JSON Object.


Following is a C# console snippet fetching and printing the admins using the Auth token:


using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;

namespace BearerToken
    class AuthData
        public string ClientId { get; set; }
        public string ClientSecret { get; set; }

    class TrustResponse
        public string principal { get; set; }
        public string locale { get; set; }
        public string subject { get; set; }
        public string token { get; set; }
        public string openIdToken { get; set; }
        public int expiresIn { get; set; }

    class Program
        private static readonly HttpClient client = new HttpClient();

        private static string GetBearerToken(AuthData auth, string customer)
            var requestUri = "https://trust.citrixworkspacesapi.net/" + customer + "/tokens/clients";
            var jsonBody = Newtonsoft.Json.JsonConvert.SerializeObject(auth);
            var resp = client.PostAsync(requestUri, new StringContent(jsonBody, Encoding.UTF8, "application/json"));
            var content = resp.Result.Content.ReadAsStringAsync();
            var responseObj = Newtonsoft.Json.JsonConvert.DeserializeObject<TrustResponse>(content.Result);
            var bearerToken = responseObj.token;
            return bearerToken;

        private static string GetAdmins(string token, string customer)
            var requestUri = "https://delegatedadministration.citrixworkspacesapi.net/" + customer + "/administrators";
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("CwsAuth", "Bearer=" + token);
            var resp = client.GetAsync(requestUri);
            var content = resp.Result.Content.ReadAsStringAsync();
            return content.Result;
        static void Main(string[] args)
            var customer = "<your customer>";
            var myAuthData = new AuthData
                ClientId = "<Your client id>",
                ClientSecret = "<Your client secret>"
            var token = GetBearerToken(myAuthData, customer);
            var admins = GetAdmins(token, customer);
            // Deserialize and process admins as desired


  • Like 3
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...