Rest API Register
  • Print
  • Share
  • Dark

Rest API Register

  • Print
  • Share
  • Dark

Dataloop authentication is based on Auth0 . Once a user is logged into the system the users receives a JWT token.

The platform supports many authentication methods, from email/password accounts to login providers like Google and GitHub.

Get Your Token By :

Following that, you can use the JWT for every HTTP request to the platform (with bearer authentication) httpsdocsdataloopaiimgemojisballot-box-with-check.png

Lets get our token:

🚧  The Dataloop token expires every few days and a refresh of the token is needed.

API Credentials

Allowing automation (API & SDK) access to the platform

In order to use the platform through an API or long-running SDK operation, you will need to obtain an API client ID & secret, API user & password and an existing user to the Dataloop platform.

API Client ID & Secret

This is an ID of your client and its secret. Both ID and secret should not be publicly accessible.
An organization will obtain a single client ID and secret.

To get client_id & client_secret for your organization please send us an email request to with the name of your company. The credentials are per company and not per specific user, so anyone at your company will be able to use it for their purposes.

API User & Password

Each user and password represents a machine user interacting with the Dataloop platform. In most cases a single machine user will be enough, but more users can be created in case multiple machine users are needed (e.g. machine user per service).

Login to Macine Users

  • For every machine user you create, you will need to login once into the Dataloop platform, using a password method and not with Google.
  • You can sign up with the same email that you are using for Google .
  • Make sure the user is in your domain, i.e.

Regular Sign Up.png

How Do I Restore a Machine Password ?

Use the regular "forgot password" link in the Dataloop platform login .

API Authentication

Connecting to the Dataloop Platform API

Once you have your API Credentials set, you may use it to obtain a token for the Dataloop platform.

The Dataloop API uses Auth authentication scheme, where each HTTP request has JWT attached to it via the Authorization header.

Basic Flow

  • Initiate an HTTP or M2M request using API Credentials and get your JWT token.
  • As long as the JWT token does not expire, you can add it as a Bearer authorization header.


HTTP Request Involved

Generating a Token

Once you have the credentials set up, you may make an HTTP POST request to generate your app JWT.

The request generation schema is as follows:

POST /oauth/token in HTTP/1.1
Content-Type: application/json

Body :

    "client_id": "Your client id ",
    "client_secret": "Your client secret",
    "audience": "",
    "grant_type": "password",
    "username": "<user name>",
    "password": "<user password>",
    "scope": "openid email"

M2M Login

Long-running SDK jobs require API authentication
M2M Login is recomended when:

  • wanting to run commands on the platform without an ongoing internet connection
  • wanting to run API commands directly from an external system to Dataloop

To login, you need to first obtain your API Credentials information.

Refresh Token

Functions that might run for a long period of time (e.g. days) and are using the SDK, might experience token expiration. The login token is only valid for a certain amount of time. To avoid possible token expiration, we recommend you include the following line at the beginning for methods that may take a long time in a single execution:


Log In Via SDK

Once your API Credentials are working in the SDK, you can login to the SDK as follows:

# Login to Dataloop platform
dl.login_m2m(email="", password="",client_id="",client_secret="")

Log In to the REST API

To login to the REST API, you'll need to make a POST Request to using the following JSON:

"client_id": "...",
"client_secret": "...",
"audience": "", "grant_type": "password",
"scope": "openid email",
"username": "...",
"password": "..."

You will then get a response in the following format:

"access_token": "...",
"id_token": "...",
"scope": "...",
"expires_in": 86400,
"token_type": "Bearer"

Use the id_token (JWT) from the response as your authorization JWT for future requests.

📘 Note:
  • Once JWT is supplied, the requester should check its expiration date and issue a new JWT request every expiration period. Typically the expiration period is a few days but may vary.
  • The M2M flow allows machines to obtain valid, signed JWT and automatically refresh it, without the need for a real user account UI login.
  • Use this flow for a direct HTTP connection to the Dataloop platform

The Received Token

Once obtained, the JWT will typically look like the following (though usually much longer):

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwi aWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

There are many tools and libraries to decode JWT tokens, for example, allows interactive decoding.

Once decoded, a typical JWT will look as follows:

  "given_name": "FirstName",
  "family_name": "LastName",
  "nickname": "Name",
  "name": "Full Name",
  "picture": "",
  "locale": "he",
  "updated_at": "2019-09-23T06:06:17.641Z",
  "email": "",
  "email_verified": true,
  "iss": "",
  "sub": "google-oauth2|101916523885779176498",
  "aud": "I4Arr9ixs5RT4qIjOGtIZ30MVXzEM4w8",
  "iat": 1569218779,
  "exp": 1569283579,
🚧 Note:
  • In order to obtain the expiration date, you will need to decode the JWT. You will also need to extract the exp field to get your JWT lifetime.
  • You will need to refresh your JWT before its expiration date.
Was This Article Helpful?