OAuth Applications settings page

Important  This feature is available only in the latest UI.

You can securely authenticate your applications to access Collibra public APIs without requiring individual user credentials. The Manage OAuth page allows you to register your applications to obtain a client ID and client secret that are required to request an access token.

Note You can use OAuth for authentication only.

Register an application

  1. Click Register New Application

    The Register New Application dialog box appears.

  2. Enter the required information:
    FieldDescription
    Application Type

    Integration: For applications that are developed by you to access and interact with the Collibra public APIs, facilitating integration with our product suite.

    Platform: For applications the are used to facilitate communication between different components of the Collibra platform, ensuring seamless data exchange and interaction across our product suite.

    Application NameThe name of you application, used to identify it in the list of registered applications.
  3. Click Register.

    The Registration Confirmation dialog box appears.

  4. Copy and safely store the Client ID and Client Secret.

    Important This is the only time you are able to see the client secret.

Request an access token

Use the client ID and secret to obtain access tokens via the REST OAuth API v2 POST method of the /token endpoint:

  • cURL
  • Python - http.client
  • Node - Native
Copy 
curl -L -X POST '/rest/oauth/v2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'client_id=<your_client_id>' \
-d 'client_secret=<your_client_secret>' \
-d 'grant_type=client_credentials'
Copy 
import http.client

conn = http.client.HTTPSConnection("")
payload = 'client_id=<your_client_id>&client_secret=<your_client_secret>&grant_type=client_credentials'
headers = {
  'Content-Type': 'application/x-www-form-urlencoded'
}
conn.request("POST", "/rest/oauth/v2/token", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
Copy 
var https = require('follow-redirects').https;
var fs = require('fs');

var qs = require('querystring');

var options = {
  'method': 'POST',
  'hostname': '',
  'path': '/rest/oauth/v2/token',
  'headers': {
    'Content-Type': 'application/x-www-form-urlencoded'
  },
  'maxRedirects': 20
};

var req = https.request(options, function (res) {
  var chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function (chunk) {
    var body = Buffer.concat(chunks);
    console.log(body.toString());
  });

  res.on("error", function (error) {
    console.error(error);
  });
});

var postData = qs.stringify({
  'client_id': '<your_client_id>',
  'client_secret': '<your_client_secret>',
  'grant_type': 'client_credentials'
});

req.write(postData);

req.end();

Response example:

{
  "access_token": "rmzhoBwqYWzkGUO2C5jerPbVObywLq8AUP...",
  "token_type": "Bearer",
  "expires_in": 299
}

Note Collibra assigns all scopes to your client.

Rate limits

Collibra issues tokens from a pool of 5 per client. The pool renews at a rate of 1 token per minute. Tokens are valid for 5 minutes. You may encounter a rate limit exception in the following scenarios:

  • Excessive token requests by a single client: If a single client requests too many tokens before the current token expires. Ensure that your application reuses a valid issued token instead of requesting a new one with each API call.
  • Sharing a client across multiple applications: If each application independently requests a new token, the combined requests may surpass the allowed threshold.