Securing the API - Cloud

Talend Cloud Data Inventory User Guide

Version
Cloud
Language
English
Product
Talend Cloud
Module
Talend Data Inventory
Content
Administration and Monitoring > Managing connections
Data Governance
Data Quality and Preparation > Enriching data
Data Quality and Preparation > Identifying data
Data Quality and Preparation > Managing datasets
Last publication date
2023-11-08
Secure your API by creating credentials for consumers and setting up HTTPS.

Managing consumers

The API generated from your dataset can be accessed by using basic authentication or API key authentication. Select the authentication method in the API configuration form when adding the allowed consumers.

  • For basic authentication, define a username and password for your consumer.

    To call the API, you need to add an Authorization header. The value should be Basic followed by the string username:password encoded in Base64. For example: Basic dXNlcm5hbWU6cGFzc3dvcmQ=.

  • For API key authentication, use the generated key in the header of your request.

    To call the API, you need to add an Authorization header. The value should be Token followed by the API key generated during the API configuration. For example: Token apic.data-api_3KF0MT_EalJeneqZZC3BVTm9J3ft6s66vAb3g_EgI0K7.

Using HTTPS

If you are using a dataset with a Remote Engine Gen2 connection, you can set up HTTPS for your API. You can do this by updating the NGINX configuration in the default/nginx folder in the Remote Engine Gen2 directory.

Important: When switching to an HTTPS configuration, the server port used is 8443 instead of 8080 for HTTP.

To help you set up a basic HTTPS configuration, the default/nginx/nginx.conf file includes a commented example of configuration.

  1. Comment the following line:
     listen              9102; # Do not change this port number
  2. Uncomment the following lines:
    # listen              9103 ssl;  # Do not change this port number
        # ssl_certificate     cn.crt;    # The name of your public certificate file. Put it next to this nginx.conf
        # ssl_certificate_key cn.key;    # The name of your private key file. Put it next to this nginx.conf

    The .crt and .key files must be located in the default/nginx folder.

  3. Make sure that the names referenced in default/nginx/nginx.conf for the .crt and .key files correspond to your actual file names.
There are different ways to configure this; for information on more advanced configurations, see the NGINX documentation.
Tip: With NGINX, you can use free SSL certificates from Let's Encrypt. For more information, see the NGINX blog.