The Data360 DQ+ API allows you to access the application via third party applications.
The information in this section is provided in conjunction with the GraphiQL API Console, where you can test out queries. You can access the API Console from the application by navigating to Admin > API Console.
The API console
1) Type your query in the text box on the left side of the screen. For auto complete, you can use the shortcut Ctrl + Space.
2) Click the Play button to run a query. You can also use the shortcut Ctrl + Enter to run a query.
3) The response is displayed on the right side of the screen.
4) Click Docs to see a list of available queries and mutations.
5) Click to expand the Query Variables text box where you can enter variable definitions.
Create an application user
To connect to Data360 DQ+ from an external application, you first need to create an Application user:
- Sign in to Data360 DQ+. Note that only Admin users can create an Application user.
- From the menu in the top left corner of the page, navigate to Admin > Users.
- Click New, then select Application.
- Assign an email address, password and display name to the Application user. You will need to use the email address and password as verification credentials when connecting to Data360 DQ+ from an external application, see Authentication. The Application user's display name is purely for informational purposes and can be changed at any time.Note: Application users cannot sign in to the Data360 DQ+ user interface.
- Assign the required permissions to the Application user by adding them to User groups and Environment groups.Note: For a user to successfully use the API, the Application user must have the required permission.
Basic authentication
You can use HTTP Basic authentication to access the Data360 DQ+ API.
To authenticate, you must provide a base64-encoded value of the Application user email address and password in the request header, in this format:
Authorization:Basic <base64-encoded authentication value>
You can use Postman or a similar tool to generate the encoded value from the Application user email address and password.
For example:
curl -X POST -H "Content-Type:application/json" -H "Authorization:Basic <base64-encoded value>" -H "Accept:application/json" http://subdomain.example.com/api
This example shows the header information for the same request for use when connecting to the Data360 DQ+ API via an API client, where the username is the email address of the Application user:
POST https://subdomain.example.com/api HTTP/1.1Authorization: <username>:<password>
Content-Type: application/json
Accept: application/json
The API is accessible from the following URL, where <subdomain> is replaced with the name of your subdomain:
http://<subdomain>.example.com/api
JSON Web Token (JWT) authentication
In addition to Basic authentication, Data360 DQ+ supports using JWT tokens as an authentication method for API calls. JWT token authentication allows users to access Data360 DQ+ APIs with an OAuth2 access token, eliminating the need to pass user credentials, as required by Basic authentication.
To obtain an OAuth access token (which is a JWT token), refer to your authorization server’s documentation. For testing purposes, you can follow the steps provided in Postman's OAuth 2.0 guide (https://learning.postman.com/docs/sending-requests/authorization/oauth-20/) as an example of how to generate an OAuth2 access token.To enable JWT authentication:
- Select .
- Ensure that the OAuth2 JWT Authentication Enabled switch is set to Yes.
- Configure the fields:
- Trusted Issuer URI - Specify the issuer of the JWT. Must match the 'iss' claim value in the JWT that is being authenticated.
- Subject (sub) Claim Mappings - Mappings between the 'sub' claim to a Data360 DQ+ user's email. This is typically done only when the user's email information is not available in the JWT. If the email is available in the token, use the Email Claim Name field instead to specify how to retrieve the user's email.
- Email Claim Name - The claim name that represents the user's email in the JWT. If not specified, it defaults to 'email'. If 'email' is not present, it uses the 'sub' claim. The system uses the value of this claim to match the user in Data360 DQ+ with the same email address. This user must be registered, claimed, and active in Data360 DQ+.
- Groups Claim Name - The claim name that represents the user's group in the JWT. If not specified, it defaults to 'groups'.
- JWTKS URI - The JWKS URI used to verify the JWT's signature. If not specified, default endpoints will be used.
- Click Save Changes.
Make a request
A request is made up of the following pieces of information:
- Request headers - Provide information to the client and server, including authentication credentials and accepted data formats.
- Queries and mutations - The body of the request. GraphQL is the query language for the Data360 DQ+ API.
Request headers
| Header key | Description |
|---|---|
| Authorization |
Specifies the base64-encoded Application user email address and password.
For example:
|
| Content-Type |
Specifies the format of the data:
|
| Accept |
Specifies the data format that is acceptable for the response:
|
| Host |
Specifies the domain name or IP address of the host that serves the API:
|
Unlike typical REST APIs that use multiple endpoints, the GraphQL API is organized in terms of types and fields, and a single query makes up the request body. GraphQL queries enable you to fetch lots of related data in one request, rather than needing to make several requests using multiple endpoints as in a classic REST API.
There are two types of operations that you can use in a request, Query and Mutation.
Query - A query reads data, and is formatted as follows:
query {Fields to return}Mutation - A mutation modifies data.
The Data360 DQ+ API conforms to the mutation API convention as specified at https://relay.dev/docs/guided-tour/updating-data/graphql-mutations/.
A mutation is structured as follows:
mutation { mutationName(input: {InputFields}) { PayloadFields}To form a mutation, you must specify the following:
- The mutation name - The type of modification to perform.
- Input fields - The data you want to send to the server.
- Payload - The data (fields) you want to return from the server.
For more information about GraphQL queries and mutation, see the GraphQL documentation:
Example request
The following query returns a list of all environments:
curl -X POST -H "Content-Type:application/json" -H "Authorization:Basic <base64-encoded value>" -H "Accept:application/json" -d '{"query":"query{envs {nodes {name}}}","variables":null}' https://subdomain.example.com/api
The following example shows the header information for the same request for use when connecting to the Data360 DQ+ API via an API client:
POST https://subdomain.example.com/api HTTP/1.1Authorization: <username>:<password>
Content-Type: application/json
Accept: application/json
Example response
The response shows that there are two environments in the system, called Dev and UAT:
{
"data": {
"envs": {
"nodes": [
{
"name": "Dev"
},
{
"name": "UAT"
}
]
}
}
}