Version 25.3.9411

• Use Authtokens in Basic Authentication
• Use Authtokens in the HTTP Header
• Use Authtokens as Query String Parameters

You can authorize users to access API entities with authorization (auth) tokens. Manage users from the Users page.

Before calling the API, you need to specify which IP addresses can connect by navigating to Settings > Server > Trusted IP Addresses. By default, all IP addresses are allowed.

Use Authtokens in Basic Authentication

When you use Basic Authentication, specify the user’s auth token as the password.

Use Authtokens in the HTTP Header

Add the HTTP header x-cdata-authtoken with the desired auth token as part of the HTTP request.

Use Authtokens as Query String Parameters

You can specify the auth token as the value of the @authtoken parameter, which can be supplied as part of the HTTP form-post data or as a query parameter. By default, API Server does not support passing the auth token in the query string parameters.

To enable this, set the following option in the Application section of your settings.cfg file.

[Application]
AllowAuthtokenInURL = true

The settings.cfg file is in the data directory. Its location varies by operating system:

• Windows: C:\ProgramData\CData\apiserver
• UNIX or Mac OS X: ~/cdata