Skip to main content

Getting Started with the API - Authentication

Get an access token and start using the dScribe Catalog API

Updated over 6 months ago

Before diving into the API, ensure you have the following prerequisites:

  1. dScribe Account: A registered dScribe account is required to access the API.

  2. API Key: Obtain an API key through your dScribe account for authentication.

  3. Familiarity with RESTful Principles: Basic knowledge of RESTful conventions and HTTP methods (GET, POST, PUT, DELETE) is recommended.

Creating an API key

To get started with the dScribe API, you'll need an API key, which you can obtain by signing up for an account on our website. After, navigate to the Api Keys tab on the admin page.

After you created a key, you will see your client_id and client_secret. This will only be shown once, store it somewhere safe.

The client_id and client_secret can now be exchanged for an access_token to make authenticated requests. This token will be valid for 15 days. Add it as a Bearer token to the Authorization header.

Authorization: Bearer yholmghj8§hbfg...

Get a JWT token

POST /catalog/api/api-token

To get a JWT token you can send a POST request to https://__tenant__.dscribe.cloud/catalog/api/api-token.

The body should be url encoded and contain the following information:

Key

Value

client_id

<client_id>

client_secret

<client_secret>

grant_type

client_credentials

scope

default

A succesful response should contain the access token to make authenticated requests:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI....",
}

Creating a read only API key

Alternatively, you can create an API key that only allows read access to dScribe resources. Navigate to the API keys tab, create a key and select the read only flag.

Get a ready-only JWT token

POST /catalog/api/api-token

To get a JWT token you can send a POST request to https://__tenant__.dscribe.cloud/catalog/api/api-token.

The body should be url encoded and contain the following information:

Key

Value

client_id

<client_id>

client_secret

<client_secret>

grant_type

client_credentials

scope

read_assets

Note the different scope that has to be passed to the request.

Make your first request

With the access_token, you can now perform any request supported by our API. Take a look at our swagger file to start implementing your integrations.

API documentation

Did this answer your question?