Getting a Cloudera Data Engineering API access token
Cloudera Data Engineering uses JSON Web Tokens (JWT) for API authentication. To interact with a virtual cluster using the API, you must obtain an access token for that cluster.
Before you begin
Determine the authentication endpoint for your virtual cluster:
- In the Cloudera Data Platform (CDP) console, click the Data Engineering tile. The Home page displays.
- In the Virtual Clusters section, navigate to the virtual cluster for which you want.
- Click View Cluster Details for the virtual cluster.
The Administration/Virtual Cluster page is displayed.
- Click GRAFANA CHARTS. The hostname of the URL in your browser is
the base URL, and
/gateway/<***authtkn-OR-cdptkn***>/knoxtoken/api/v1/tokenis the endpoint.- Example: LDAP Authentication URL
https://service.cde-czlmkz4y.na-01.xvp2-7p8o.cloudera.site/gateway/authtkn/knoxtoken/api/v1/token
- Example: Access Key Authentication URL
https://service.cde-czlmkz4y.na-01.xvp2-7p8o.cloudera.site/gateway/cdptkn/knoxtoken/api/v1/token
- Example: LDAP Authentication URL
- From the client you want to use to access the API, run
curl -u <workload_user> <auth_endpoint>. Enter your workload password when prompted.For example:curl -u csso_psherman https://service.cde-czlmkz4y.na-01.xvp2-7p8o.cloudera.site/gateway/authtkn/knoxtoken/api/v1/tokenThe user account is your CDP workload user . - In the output, the
access_tokenvalue is the JWT. For convenience, copy it and set it as an environment variable:export CDE_TOKEN=<access_token>Alternatively, you can set the token in a single step usingjqto extract the token:export CDE_TOKEN=$(curl -s -u <workload_user> <auth_endpoint> | jq -r '.access_token')
See Using an access token in Cloudera Data Engineering API calls for instructions on using the token in API calls.
