Use an API Token for Authentication
Using browser-based authentication via an OpenID Connect (OIDC) Identity Provider may not be convenient if you want to use the GoodData Cloud Native (GoodData.CN) API from the command line or some application. For these use cases, you can issue an API token and then use it to access the GoodData.CN resources on behalf of the issuing user.
To use the API token, do the following:
Generate the API Token
To generate the API token, use one of the following methods:
Submit a
POSTrequest to/api/entities/users/{:userId}/apiTokens.In the
Authorizationheader of the request, provide the value of a different token (another user’s API token or the$GDC_API_TOKEN).curl --request POST -H 'Content-type: application/vnd.gooddata.api+json' \ -H 'Authorization: Bearer <other-token>' \ -d '{"data":{"id":"mynewtoken","type":"apiToken"}' \ https://analytics.alpha.example.com/api/entities/users/john.doe/apiTokens | \ jq data.attributes.bearerTokenUse a valid authenticated session.
Open a web browser with an authenticated session to the Organization’s pages.
Open the browser’s Developer Tools.
In the following command, replace
{userId}with your actual user ID, and run the command in the JavaScript console:fetch('/api/entities/users/{userId}/apiTokens', { method: 'POST', body: JSON.stringify({ data: { id: 'mynewtoken', // provide a unique ID of the API token type: 'apiToken' } }), headers: { 'Content-type': 'application/vnd.gooddata.api+json' } }) .then(res => res.json()) .then(data => console.log(`Your new API token is ${data.data.attributes.bearerToken}`));
The generated API token looks similar to the following:
am9obi5kb2U6bXluZXd0b2tlbjptbElGWGg1WkJ5K1YzRmFtdHhaYjhsUTU4aXIwS2svWQ==
Copy and store the API token. If lost, the API token cannot be retrieved, and you will have to generate a new one.
Use the Generated API Token in HTTP Requests
To authenticate using the API token, add the Authorization: Bearer $GDC_API_TOKEN header to your HTTP request.