Generating a ZenApiKey authorization token

You can generate a ZenApiKey authorization token to authenticate to IBM Cloud Pak for Data APIs.

Tokens and API keys are subject to authorization checks. Invocation of API endpoints depends on the role and permissions that you are granted on the platform and in services.

Before you begin

To get a ZenApiKey authorization token, you must use an API key. You can generate an API key by using the IBM Cloud Pak for Data web client. For more information, see Generating API keys for authentication.

About this task

You can use your username and api_key to generate a ZenApiKey authorization token to invoke IBM Cloud Pak for Data APIs. This method requires one API call to an endpoint.

Note: You can revoke a ZenApiKey and regenerate it at any time. A ZenApiKey expires only if an admin has enabled API key expiration. Otherwise, the Zen API key does not expire.

Procedure

To generate a ZenApiKey authorization token, follow these steps.

  1. Generate the ZenApiKey token by using the following command. 
    echo "<username>:<api_key>" | base64

    Replace <username> and <api_key> with the correct values for your environment.

  2. Optional: Export the ZenApiKey token from the response in step 1 to an environment variable if you need to use it in multiple situations. 
    export TOKEN=<base64-encoded-user-api-pair>
  3. Use the ZenApiKey token to authenticate to an endpoint. 
    curl -H "Authorization: ZenApiKey ${TOKEN}" "https://<platform_instance_route>/<endpoint>"

    For more information, see Authentication in the IBM® Software Hub Platform APIs.

What to do next

For most IBM Cloud Pak for Data endpoints, you can use the generated ZenApiKey authorization token in the authorization header of subsequent API calls.

curl -H "Authorization: ZenApiKey ${TOKEN}" "https://<platform_instance_route>/<endpoint>"

If you need a bearer token in your endpoint, see Generating a bearer token.