Admin API Authentication

All requests to our admin API's must be authenticated using an Authorization: Bearer header, with the bearer token being obtained from the Data8 OAuth token server at https://auth.data-8.co.uk/connect/token.

To generate an authentication token, you will need to provide a client ID and client secret which can be generated on the Custom Apps page of the your Dashboard. To generate a client ID and secret, click the Add New button. In the sidebar, enter a description (name) for the app, and click Save to generate a client ID.

Once the client ID has been created, you will be able to add a new client secret. Click the Add New button under Secrets and enter a description for the secret. You may also want to enter an expiry date, although this is optional. Click the Save button to generate a client secret. This will be the only time you can see the secret so be sure to copy it and keep it somewhere safe. This is essentially a password to authenticate your account.

Now that you have generated a client ID and secret, you should be able to use them in an authorisation request to obtain an authentication token.

An example of how the authentication request may look in C#:

public static async Task<ApplicationException> AuthenticateUserDetails(HttpClient client, string authUrl, string clientId, string clientSecret)
{
    var disco = await client.GetDiscoveryDocumentAsync("https://auth.data-8.co.uk/");

    if (disco.IsError)
        throw new ApplicationException(disco.Error);

    // ClientId and ClientSecret will be sent to you along with the details of your workflow.
    token = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
    {
        Address = disco.TokenEndpoint,
        ClientId = clientId,
        ClientSecret = clientSecret,
        Scope = "BatchApi"
    });

    if (token.IsError)
        throw new ApplicationException(token.Error);

    return null;
}