The API uses token-based authentication. The authentication token must be passed to SpectX in each request using the “Bearer” authentication scheme (as defined in RFC6750 Section 2.1).



You must replace the value of the token in Authorization header with the one in User Properties and host/port if you have changed the or wgui.port configuration parameters)

curl -XPOST -G \
    -H "Authorization: Bearer 4d055ad820051448" \
    -d "" \

HTTP Request:

POST /API/v1.0/? HTTP/1.1
Host: localhost:8388
Authorization: Bearer 4d055ad820051448

Alternatively, the authentication token can be provided in the token query parameter.

The authentication token can be obtained from User Properties dialog, the token does not expire.

Note that groups referred to in read ACL descriptions of data stores which gets involved when performing the API call can only be sourced from a subset of SpectX internal groups. So-called external groups, which get provisioned by any of configured external authorization flows (IWA or SAML) during the UI login process are not available to the API submodule.