Authorization
  • 2 Minutes to read
  • Dark
    Light

Authorization

  • Dark
    Light

Article summary

Prerequisites

  • You have Dataddo username and password. You cannot use accounts handled by SSO. Best practice is to create a "system" user by navigating to your Dataddo account and then clicking on Team members and invite additional user to your account. It is important that such user will authenticate using username and password and not via Google or Microsoft SSO.

Obtaining the tokens

Use the following endpoint to obtain access and refresh tokens

Request

POST /auth

{
  "email": "string",
  "password": "string"
}
ParameterDescription
emailemail address associated with your account and used for login.
passwordpassword to your account.

Response

{
    "access_token":"ACCESS_TOKEN",
    "refresh_token":"REFRESH_TOKEN",
    "expires_in":3600,
    "realm_id":0,
    "provider":"google"
}
ParameterDescription
access_tokenBearer token used for authorization.
refresh_tokenRefresh token. You can use it for obtaining new access_token instead of providing email and password
expires_inTime in seconds of access_token validity.
realm_idRealm ID. This needs to be passed in the request header.
providerAuthorization provider. This needs to be passed in the request header.

Authorization for server-to-server communication

For server-to-server communication, supply the calls with Authorization, X-realm-id and X-provider HTTP headers.

GET /sources
Authorization: Bearer ACCESS_TOKEN
X-realm-id: REALM_ID
X-provider: PROVIDER

Authorization for web apps

For web apps you can set accessToken, refreshToken, realmId and provider cookies.

GET /sources
cookie: accessToken=ACCESS_TOKEN; refreshToken=REFRESH_TOKEN; realmId=REALM_ID; provider=PROVIDER

Sample code

Following sample code represents and implementation of authorization for web apps. For full working example, please consider looking into Sandbox application.

import axios from "axios"
import { useCookie } from "../composables/useCookie"
import { SignInResponseData, User, SourceGridItem, Token, DataPreview } from "../types/types"

export const dataddoCookies = ["dataddo-access-token", "dataddo-refresh-token", "dataddo-realm", "dataddo-provider"]
const [accessToken, refreshToken, realmId, provider] = dataddoCookies
const { setCookie, removeCookie } = useCookie()

const setDataddoCookies = (data: SignInResponseData): void => {
  setCookie(accessToken, data.access_token)
  setCookie(refreshToken, data.refresh_token)
  setCookie(realmId, data.realm_id)
  setCookie(provider, data.provider)
}

const removeDataddoCookies = (): void => {
  removeCookie(accessToken)
  removeCookie(refreshToken)
  removeCookie(realmId)
  removeCookie(provider)
}

const client = axios.create({
  baseURL: "/api/v2",
  withCredentials: true,
  headers: {
    Accept: "application/json",
    "Content-Type": "application/json",
  },
})

client.interceptors.response.use(
  (response) => {
    return response.data
  },
  (error) => {
    // extra logic for handling errors
    console.log(error)
  },
)

export default {
  auth: {
    signIn: async (email: string, password: string): Promise<SignInResponseData> => {
      const data: SignInResponseData = await client.post("/auth", { email, password })
      
      removeDataddoCookies()
      setDataddoCookies(data)

      return data
    },
  },
  user: {
    get: async (): Promise<User> => await client.get("/logged-member"),
  },
  grid: {
    sources: {
      get: async (): Promise<SourceGridItem[]> => await client.get("/grids/source"),
    },
  },
  tokens: {
    get: async (): Promise<Token[]> => {
      return await client.get("/tokens")
    },
  },
  source: {
    preview: async (sourceId: string, limit: number): Promise<DataPreview> => {
      return await client.get(`/sources/${sourceId}/preview?limit=${limit}`)
    },
    quality: async (sourceId: string, limit: number = 1000): Promise<any> => {
      return await client.get(`/sources/${sourceId}/detect?limit=${limit}`)
    },
  }
}


Was this article helpful?

What's Next