You can authorize users to access API entities with authtokens. Provide authtokens in HTTP authentication, shown below. You can manage Users and allowed IP addresses on the Service tab in the administration console.

Before calling the API, you also need to allow specific IP addresses to connect in Settings -> Service. By default, all IP addresses are allowed.

Use Auth Tokens in Basic Authentication

The user’s auth token should be used as the password when using Basic Authentication.

Use Auth Tokens in the HTTP Header

Add the HTTP header “x-cdata-authtoken” with the desired auth token as part of the HTTP request.

Use Authtokens as Query String Parameters

You can specify the authtoken as the value of the @authtoken parameter, which can be supplied as part of the HTTP form-post data or a query parameter. However, by default the API Server does not support passing the authtoken in the query string parameters.

You can enable this by setting the following option in the Application section of your settings.cfg file.

[Application]
AllowAuthtokenInURL = true

.NET

Starting with the 2021 version of the CData API Server, the settings.cfg file is located in C:\ProgramData\CData\apiserver\.

Versions 2020 and earlier stored the settings.cfg file in the app_data subfolder of the application root. Installations that were upgraded from versions prior to 2021 still use this location. By default, this is C:\Program Files\CData\CData API Server\www\app_data\.

Java

In the Java edition, this is located in the data directory. The location of the data directory depends on your operation system:

• Windows: C:\ProgramData\CData
• Unix or Mac OS X: ~/cdata