API authentication

Have more questions? Submit a request

Create a bearer token

πŸ€“ Who can do this? You will need to be an admin user to create a bearer token. However, you can share the token with anyone to give them programmatic access.

To create a bearer token:

  1. From the left menu of any screen, click Admin.
  2. Under Workspace, click API Tokens.
  3. In the upper right of the API Tokens table, click the Generate API Token button:
    1. For Name enter a name for your API token, for example the system or application that will use this token.
    2. (Optional) For Description enter a description for your API token, for example its intended use. You can also add or change the description later.
    3. (Optional) For Personas select any asset-level permissions you want to give to the token. You can also add these later.
    4. (Optional) If you would like the token to be temporary, for Expiry choose the time after which the token should automatically become invalid.
    5. At the bottom right, click the Save button.
🚨 Careful! Remember to copy or download the token now β€” this is your only opportunity to do so. (If you've already forgotten, just delete the API token and create a new one.)

Use the bearer token

You must authenticate all requests to Atlan's APIs. You can authenticate your requests by sending the following header:

Authorization: Bearer <token>

So, for example, if the API token you copied had the value eyJhbGciOi..., you would use the header:

Authorization: Bearer eyJhbGciOi...
🚨 Careful! Note that the value of the Authorization header is the combination of the word Bearer, a space, and then the token's value. The token copied from Atlan does not include this Bearer prefix.

Token permissions

By default, each API token will have the permissions of an admin user. This means the token is able to:

  • Call administrative API endpoints. For example, to create users and groups.
  • Call governance API endpoints. For example, to create governance objects like classifications, custom metadata, personas and purposes.
  • Create, read, update, delete, and search glossaries (and their content).
  • Create, read, update, delete, and search any assets in a connection with All Admins configured as a connection admin (the default).

If there are connections without All Admins configured as the connection admin, the API token will not have any access to those assets. To provide access, you need to add one or more personas to the token that have access to that connection's assets.

Related articles

Was this article helpful?
0 out of 0 found this helpful