Generating an API authorization token
Generate an API authorization token to authenticate to Cloud Pak for Data APIs.
Tokens and API keys are subject to authorization checks. Invocation of API endpoints depends on the role and permissions that you are granted in the Cloud Pak for Data platform and services.
Before you begin
To get an API authorization token, you must generate an API key by using the Cloud Pak for Data web client. For more information, see Generating API keys for authentication. You can use the web client when SAML 2.0 is configured as a web SSO.
You can also generate an API key programmatically by using the apiKey
endpoint but this endpoint requires a
Bearer
token and is not recommended.
About this task
You can use your username
and api_key
to generate a
ZenApiKey
authorization token to invoke Cloud Pak for Data APIs. This method requires one API call to an
endpoint.
ZenApiKey
does not expire but you can revoke it and regenerate it at any
time for increased security.Procedure
To generate an API authorization token, follow these steps.
What to do next
For most Cloud Pak for Data endpoints, you can use the generated API authorization token in the authorization header of subsequent API calls.
curl -H "Authorization: ZenApiKey ${TOKEN}" "https://<cpd_instance_route>/<endpoint>"