Kenesto Auth API

Kenesto Web API provides the same RESTful API that Kenesto web app and Kenesto Drive uses. You can use it for all the same operations for manipulating folders and documents. You must first be registered with Kenesto which means you must have an account in Kenesto to use the API.



Your application must use OAuth 2 to authenticate a user and obtain access tokens and refresh tokens. The authentication process has been shown separately later in this document with input and output examples.



Currently, the hostname for API calls is It may change in the future.



Kenesto uses JSON as well as XML both for request and response.



Kenesto returns standard HTTP status codes.

Authentication Example

This sample or example shows Kenesto Web API which is the REST API currently used by the Kenesto Drive™ for authentication, authorization and application operations.

Any call to the API can be done by a regular GET http request and the response can be retrieved in XML or JSON depending on the call arguments.


For a user to have access to Kenesto operations, two requests should be made. Access.svc is the service for authentication and authorization.

Step 1:

https://{kenesto hostname}/Kenesto.Web.API/Access.svc/Authenticate/{method]/{accessKey}?u={username}&p={password}


  1. method: xml or json
  2. accessKey: unique business client identifier (to identify the caller organization allowed to use the API. Ask Kenesto for your identifier).
  3. username of the user requested to be authenticated
  4. password of the user requested to be authenticated (Note: if your password includes special characters, such as “?”,”&”, “#”, etc’, please use urlencode).



The response or the output is a structure that has the details required to know if the authentication succeeded and the organizations information to which the user wants to access.

The organization identifier and the token received are used for the Login call to receive a session token that will be used for the rest of the API calls.

Step 2:

https://{kenesto hostname}/Kenesto.Web.API/Access.svc/Login/{method}/{organizationIdentifier}?t={accessToken}


  1. method: xml or json
  2. organizationidentifier: received from the previous call¬† -remember to use the¬†organizationidentifier where “IsDefault” is ‘true’ – in case of multi tenant user.
  3. accessToken: the token received from previous call – remember to encode the token before use.


The token included in the response is to be used for all subsequent API calls.

Have a Question?