JWT

This section shows you how to use /auth/signin endpoints to generate JSON web tokens (JWTs) so you can run Collibra DQ CURL commands in your environment.

The endpoints that let you generate JWTs include the following:

• /v3/auth/signin
• /v2/auth/signin
• /auth/signin

Tip It is best practice to use the /v3/auth/signin endpoint to generate a JWT.

After you have a JWT, you can use it to authorize any API call in Collibra DQ, depending on your user-based role.

Note JWT generated in Collibra DQ use a HMACSHA256 keyed hash algorithm.

Single-tenant

To get a JWT to authorize calls in a single-tenant environment, execute the following request:

TOKEN=$(curl -s -X POST http://localhost:9000/auth/signin -H "Content-Type:application/json" -d "{\"username\":\"<username>\", \"password\":\"<password>\"}"| jq -r '.token')

curl -i -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" http://localhost:9000/v2/getsecuritymap

Multi-tenant

To get a JWT to authorize calls in a multi-tenant environment, execute the following request without a sub-domain in the URL:

Note The iss tenant parameter is required.

TOKEN=$(curl -s -X POST http://localhost:9000/auth/signin -H "Content-Type:application/json" -d "{\"username\":\"<username>\", \"password\":\"<password>\", \"iss\":\"<tenant>\"}"| jq -r '.token')

curl -i -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" http://localhost:9000/v2/getsecuritymap

Without headers and jq display

curl -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" http://localhost:9000/v2/getsecuritymap | jq '.' | cat