REST API

Starting with the update 8.0u20210715, the Data Catalog provides a stateless REST API to perform programmatically all the tasks explained in this guide.

The documentation of this REST API is available on:

  • Starting with the update 8.0u20220126: http://<host>:<port>/denodo-data-catalog/swagger-ui/index.html

  • With the previous update (8.0u20210715): http://<host>:<port>/denodo-data-catalog/swagger-ui.html

Note

Previous versions of Data Catalog (7.0, 8.0GA and 8.0u20210209) provided a REST API to perform the following tasks:

  • Synchronize with Virtual DataPort

  • Compute the usage statistics

  • Export metadata

  • Import metadata

  • Ping

This legacy REST API is documented in the entries that start with legacy-. Take into account that it is only kept for backward compatibility, but it is deprecated. You should consider migrate to the REST API of the current Data Catalog 8.0.

Authentication

Most of the endpoints in the REST API require authentication, so you must provide your credentials on every request. The REST API supports the HTTP Basic Authentication method. Follow these steps to provide your credentials:

  1. Build the user-pass by concatenating the user-id, a single colon character (:) and the password.

  2. Encode the user-pass using Base64 into a sequence of US-ASCII characters.

  3. Build a header with the name Authorization and the value Basic <BASE64-user-pass>

The following example retrieves the information of the new home page of the Data Catalog authenticating with the user admin and the password admin:

curl --location --request GET 'http://localhost:9090/denodo-data-catalog/public/api/home' --header 'Authorization: Basic YWRtaW46YWRtaW4='

If you have registered several Virtual DataPort servers in the Data Catalog, you must specify which one you want to connect to. Use the query parameter serverId with the internal identifier of the server as a value.

Note

You can obtain the internal identifiers of the Virtual DataPort servers registered in Data Catalog with the following endpoint of the REST API: /public/api/configuration/servers.

CORS configuration

In order to access the REST API of the Data Catalog from a cross-site environment, you must configure the Denodo Platform as follows:

  1. Do the steps of the section Initial Set-Up of CORS (you have done this already if you published a Denodo REST web service with CORS enabled).

  2. Before starting any server of this Denodo installation, edit the file <DENODO_HOME>/resources/apache-tomcat/conf/context.xml and change the default policy for the SameSite cookies to this:

    <CookieProcessor sameSiteCookies="none" />
    
  3. In the configuration file <DENODO_HOME>/conf/data-catalog/DataCatalogBackend.properties add or edit the property cors.enabled and set to true. To disable CORS, remove the property or set to false. In this file you can also set the following optional properties to fine-tune the CORS configuration:

    • cors.allowedOrigins: set a list of origins allowed to execute cross-origin requests (separate each origin by a space). For example, cors.allowedOrigins=http://localhost:3000 https://localhost:3000. By default, the value of the property cors.allowedOrigins is *. This means that any domain can execute cross-origin requests.

    • cors.allowCredentials: if is set to true, the client will expose the response credentials to frontend JavaScript when the request’s credentials mode is include. By default, the value of the property cors.allowCredentials is true.

    • cors.allowedHeaders: set a list of HTTP headers that can be used in cross-origin requests (separate each HTTP header by a space). For example, cors.allowedHeaders=content-type uri x-xsrf-token. By default, the value of the property cors.allowedHeaders is *. This means that cross-origin requests can use any HTTP header.

    • cors.allowedMethods: set a list of HTTP methods allowed in cross-origin requests (separate each HTTP method by a space). For example, cors.allowedMethods=GET POST PUT DELETE. By default, the value of the property cors.allowedMethods is *. This means that cross-origin requests can use any HTTP method.