Version 23.0.9145

• Use Authtokens in Basic Authentication
• Use Auth Tokens in the HTTP Header
• Use Authtokens as Query String Parameters
  • .NET
  • Java

You can authorize users to access API entities with authtokens. Provide authtokens in HTTP authentication, as shown below. You can manage users and allowed IP addresses on the Server tab in the administration console.

Before calling the API, you need to specify which IP addresses can connect in Settings > Service. By default, all IP addresses are allowed.

Use Authtokens in Basic Authentication

When using Basic Authentication, use the user’s authtoken as the password.

Use Auth Tokens in the HTTP Header

Add the HTTP header x-cdata-authtoken with the desired authtoken as part of the HTTP request.

Use Authtokens as Query String Parameters

You can specify the authtoken as the value of the @authtoken parameter, which can be supplied as part of the HTTP form-post data or a query parameter. By default API Server does not support passing the authtoken in the query string parameters.

To enable this, set the following option in the Application section of your settings.cfg file.

[Application]
AllowAuthtokenInURL = true

.NET

For API Server versions 2021 and later, the settings.cfg file is located in C:\ProgramData\CData\apiserver\.

Versions 2020 and earlier stored settings.cfg in the app_data subfolder of the application root. Installations that were upgraded from versions prior to 2021 still use this location. By default, this is C:\Program Files\CData\CData API Server\www\app_data\.

Java

In the Cross-Platform edition, settings.cfg is in the data directory. The data directory location varies based on your operating system:

• Windows: C:\ProgramData\CData
• Unix or Mac OS X: ~/cdata