Authenticating REST commands

All REST calls require an authentication token to confirm the identity of the issuer.

Note: This topic illustrates how to authenticate a REST command using Python. You can follow a similar procedure using other programming languages such as Curl, Perl, or JavaScript.
To request a token, issue the following statements:
from pprint import pprint
import requests
from requests import Response

restHostname = "rest_hostname"
dbHostname = "db_hostname"
username = "username"
password = "password"
token = ""

def authenticate():
    global token
    url = "https://%s:50050/v1/auth"% (restHostname)
    json = {
        "dbParms": {
            "dbHost": dbHostname,
            "dbName": "BLUDB",
            "dbPort": 50001,
            "isSSLConnection": True,
            "username": username,
            "password": password,
        "expiryTime": "24h"
    response =, verify = False, json = json, proxies = None)
    if response.status_code == 200:
        token = response.json()["token"]
        print("Authenticated user with token:", token)
The token is provided in the response. All subsequent calls require the token to be specified in their headers:
headers = {
        "content-type": "application/json",
        "authorization:" token
A token is valid until it expires (the expiry time is specified by the expiryTime parameter in the request), or until the REST server is restarted.
Note: If the Db2 REST server is locked against a single Db2 instance, as described in Downloading the REST service, the values provided during docker run override the parameters provided in the authentication call. See https://hostname:50050/docs#tag/Authentication to learn how to request a token when the container is run in this manner.