Authentication API


1 comment

  • Avatar
    Moti Granovsky

    Hi Edward,

    If you're getting this error - I assume you're trying to call this API from a client-side script (from within an HTML page) and thus getting the CORS error.

    For that to work, CORS has to be enabled via the Sisense settings API, as explained here:

    However, I would generally advise against doing so - the login endpoint expects a username and password in the request payload, and this type of information should never be hard-coded in a client-side script as it would be easy to obtain - The only exception to this is if the referring page is a login page in which the user is expected to input this information.
    Alternatively, if you are trying to retrieve a token for a user that is already logged in (via SSO for example) then the /login endpoint isn't the right one - it will cause the user to lose their session as it re-generates the token. Instead, the token can be found as part of the user's "prism" cookie created when they are logged in to Sisense.
    Comment actions Permalink

Please sign in to leave a comment.