Skip to main content

API Authentication

Developer

To communicate with the DataCentral REST API, your application must authenticate itself. DataCentral uses tenant-scoped credentials to ensure that your API requests only affect your specific Tenant.

1. Generating Credentials

You will need two pieces of information to authenticate your requests:

  1. API Key: A unique identifier that tells DataCentral which application is making the request.
  2. Tenant Passphrase: A secret key used to encrypt payloads and prove authorization.

To generate these credentials:

  1. Log in to your DataCentral Tenant as an Administrator.
  2. Navigate to Administration > Settings > API & Integrations.
  3. Click Generate New API Key.
  4. A new API Key and Tenant Passphrase will be displayed.
  5. Copy both values immediately and store them securely. You will not be able to view the Passphrase again after leaving the page.

Security Note: If you suspect your API Key or Passphrase has been compromised, you can revoke them from the Settings page and generate new ones immediately.

2. Using the Credentials

The exact method of authentication depends on the specific API endpoint you are calling.

Embedding Endpoints

When calling the /embed/encryption endpoint to generate an iframe URL, you must provide both credentials:

  • The API Key is passed as a query string parameter.
  • The Tenant Passphrase is included in the JSON request payload.

Example Request:

curl -X POST "https://api.{instancename}.datacentral.ai/v1/embed/encryption?apiKey=YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -d '{
           "tenantPassphrase": "YOUR_TENANT_PASSPHRASE",
           "itemId": "e8a9c2f1-4b7d-4a1e-8f2c-9d3b5a6c7e8f",
           "userPrincipalName": "john.doe@example.com",
           "roleCodes": ["Region_EMEA", "Sales_Manager"]
         }'

Administration Endpoints

When calling the management endpoints (e.g., /users, /roles, /items), you must provide your API Key as a Bearer token in the Authorization header of your HTTP request.

Example Request:

curl -X GET "https://api.{instancename}.datacentral.ai/v1/users" \
     -H "Authorization: Bearer YOUR_API_KEY" \
     -H "Content-Type: application/json"

Next Steps

Now that you know how to authenticate, you can proceed to use the Embedding API to integrate reports into your application, or use the Admin API to automate user management.