Create a child workspace (for MSPs)

A Coro workspace is a virtual environment that encapsulates all related information for an organization. You can create a workspace for each customer to connect to cloud applications, add protected users, and define settings and policies.

Get your credentials

You need a client ID and client secret to authenticate with the API and to obtain your bearer token for successful API requests. For details, see Authentication.

Make sure you also know the channel workspace ID to use when creating a new child workspace. You can find this though the Coro console, in User profile > My Workspaces.

Choose your programming language

Decide which language or environment you want to use to develop apps that use the Coro API.

Request your authentication token

Make a POST request to the /oauth/token resource endpoint using your Client ID and Client Secret. Each token is valid for 24 hours.

The request should appear similar to:

curlJavaScript
Copy
Copied
curl -i -X POST \
  https://api.secure.coro.net/oauth/token \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak",
    "client_secret": "9c9Dabz5nQT65LXfYt_61wxb9UssT7tpzTM-gVB4RJZB9gKDf1_TjO6o3eLcBaba",
    "audience": "https://api.secure.coro.net",
    "grant_type": "client_credentials"
  }'
Copy
Copied
const resp = await fetch(
  `https://api.secure.coro.net/oauth/token`,
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      client_id: '2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak',
      client_secret: '9c9Dabz5nQT65LXfYt_61wxb9UssT7tpzTM-gVB4RJZB9gKDf1_TjO6o3eLcBaba',
      audience: 'https://api.secure.coro.net',
      grant_type: 'client_credentials'
    })
  }
);
const data = await resp.json();
console.log(data);

The following table describes the parameters in the request:

Parameter Description Type Example Required
client_id The unique identifier for the client. This value is provided by Coro support. query 2qDgzSrZxnUCs4jqmfdEP5MVkEmA3Uak yes
client_secret The secret for the client. This value is provded by Coro support. query 9c9Dabz5nQT65LXfYt61wxb9UssT7tpzTM-gVB4RJZB9gKDf1TjO6o3eLcBaba yes
audience The URL for the Coro API server. https://api.secure.coro.net query yes
grant_type The method by which you want to request a bearer token for authentication. At this time, Coro only supports client_credentials. query client_credentials yes

A successful response appears similar to:

Copy
Copied
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked

{
  "access_token":"TRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNj.dcukG0cw3eh4jqEMCwxZ2N3mziZ2hpFbv4--VYrXA3Q",
  "token_type":"Bearer",
  "expires_in":86400
  }

The following table describes the parameters in the response:

Parameter Description Example
access_token The access token used to access API resources. TRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNjTRDNxdkVHYms0R2U1IiwiaWF0IjoxNj.dcukG0cw3eh4jqEMCwxZ2N3mziZ2hpFbv4--VYrXA3Q
token_type The type of token. Bearer
expires_in The expiration time of the token, in seconds. Each token is valid for 24 hours. 86400

Create a new workspace

Each workspace represents a separate organization. Create a child workspace for each of your customers. Make a POST request to the /workspaces resource endpoint.

The request should appear similar to:

curlJavaScript
Copy
Copied
curl -i -X POST \
  https://api.secure.coro.net/v1/workspaces \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \
  -H 'Workspace: channelWorkspace' \
  -d '{
    "companyName": "company1",
    "displayName": "company1",
    "type": "child",
    "domain": "company1Workspace.com",
    "adminEmail": "admin@company1Workspace.com",
    "maxProtectedUsers": 25,
    "notificationsLevel": "parent"
  }'
Copy
Copied
const resp = await fetch(
  `https://api.secure.coro.net/v1/workspaces`,
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      Workspace: 'channelWorkspace',
      Authorization: 'Bearer <access_token>'
    },
    body: JSON.stringify({
      companyName: 'company1',
      displayName: 'company1',
      type: 'child',
      domain: 'company1Workspace.com',
      adminEmail: 'admin@company1Workspace.com',
      maxProtectedUsers: 25,
      notificationsLevel: 'parent'
    })
  }
);
const data = await resp.json();
console.log(data);

The following table describes the parameters in the request:

Parameter Description Type Example Required
Workspace The channel workspace identifier, which isolates API requests inside the provided workspace scope. header channelWorkspace yes
companyName The name of the company for which the workspace is created. query company1 yes
displayName The name displayed for the workspace from the user interface. query company1 yes
type The type of workspace being created.
Options include: regular - for individual companies; channel - for the MSP parent level; child - for MSP customers.		 query child yes
domain The workspace domain. query company1Workspace.com yes
adminEmail The email of the administrator who manages the workspace. query admin@company1Workspace.com yes
maxProtectedUsers The maximum number of users allowed in the workspace. query 25 no
notificationsLevel The workspace admins who will receive notifications.
Options include: none, parent, all.		 query parent yes

A successful response appears similar to:

Copy
Copied
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked

{
  "id": "company1Workspace",
  "companyName": "company1",
  "displayName": "company1",
  "type": "child",
  "domain": "company1Workspace.com",
  "maxProtectedUsers": 25,
  "notificationsLevel": "parent"
  "parentWorkspaceId": "string",
  "protectedDevices": 0,
  "children": [
    "string"
  ],
  "mainAdminEmail": "string",
  "adminEmails": [
    "string"
  ],
  "lastAdminLoginTime": 1693562400000,
  "workspaceCreationTime": 1641009600000
}

The following table describes the parameters in the response:

Parameter Description Example
id The unique identifier of the new workspace. companyWorkspace
companyName The name of the company for which the workspace is created. company1
displayName The name displayed for the workspace from the user interface. company1
type The type of workspace being created.
Options include: regular - for individual companies; channel - for the MSP parent level; child - for MSP customers.		 child
domain The workspace domain. company1Workspace.com
maxProtectedUsers The maximum number of users allowed in the workspace. 25
notificationsLevel The workspace admins who will receive notifications.
Options include: none, parent, all.		 parent
parentWorkspaceId The unique identifier of the parent workspace, if applicable. parentWorkspace
protectedDevices The number of protected devices in the workspace. 215
children The child workspaces associated with the workspace, if applicable. company1Workspace_sub1
mainAdminEmail The initial admin email address provided when the workspace was created. admin1@company1workspace.com
adminEmails The email addresses of all admins associated with the workspace. admin2@company1workspace.com
lastAdminLoginTime The most recent login to the workspace by an admin user, in UNIX format, including milliseconds. 1693562400000
workspaceCreationTime The date the workspace was created, in UNIX format, including milliseconds. 1641009600000

Add protected users

Add protected users to the workspace to protect and monitor their activities. Make a POST request to the /users resource endpoint. Up to 200 users can be added in a single request.

The request should appear similar to:

curlJavaScript
Copy
Copied
curl -i -X POST \
  https://api.secure.coro.net/v1/users \
  -H 'Authorization: Bearer <access_token>' \
  -H 'Content-Type: application/json' \
  -H 'Workspace: company1Workspace' \
  -d '{
    "users": [
      {
        "email": "test@test.com",
        "name": "Harry Owen"
      }
    ]
  }'
Copy
Copied
const resp = await fetch(
`https://api.secure.coro.net/v1/users`,
{
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    Workspace: 'company1Workspace',
    Authorization: 'Bearer <access_token>'
  },
  body: JSON.stringify({
    users: [
      {
        email: 'awiggin@company1.com',
        name: 'Andrew Wiggin'
      }
    ]
  })
}
);
const data = await resp.json();
console.log(data);

The following table describes the parameters in the request:

Parameter Description Type Example Required
Workspace The workspace identifier, which isolates API requests inside the provided workspace scope. header company1Workspace yes
users -> email The user's email. query awiggin@company1.com yes
users -> name The user's name. query Andrew Wiggin no

A successful response appears similar to:

Copy
Copied
HTTP/1.1 200 OK
Content-Type: application/json
Date: {date}
X-Coro-Trace-Id: {trace-id}
Transfer-Encoding: chunked

{
  "users": [
    {
      "id": "62ff9653efef4b3ae04ab25e",
      "email": "awiggin@company1.com",
      "name": "Andrew Wiggin",
      "protectedUser": true
    }
  ]
}

The following table describes the parameters in the response:

Parameter Description Example
users -> id The unique identifier of the user. 62ff9653efef4b3ae04ab25e
users -> email The user's email. awiggin@company1.com
users -> name The user's name. Andrew Wiggin
users -> protectedUser The protection status of the user.
Options include: true - protected; false - not protected.		 true