Authorization

Overview

All requests to the Redivis API require a valid access token. You can create access tokens by navigating to your workspace/settings and scrolling to the bottom of the page.

When you create a token, you will have the ability to name it and grant it specific scopes; these can also be modified later. When the token is created, you will be able to see it once — store the token in a secure place for future use.

IMPORTANT: Access tokens operate like passwords, and a compromised token can allow another party to access resources on your behalf.

You should never share sensitive tokens, and avoid committing to source control where collaborators may have access (either now or in the future). Always make sure to limit your token scopes to those that are necessary for them to function.

Access tokens

Scopes

Scopes allow for you to control what actions any given token may perform. It is highly recommended to limit the scope of a token to the minimum necessary for it to function. The following scopes may be provided on access tokens:

public

This is the default scope, and is present on all tokens. It only allows access to resources on Redivis that are publicly available (e.g., if you were logged out). Access tokens that only have the public scope can be safely shared with others, and are useful for building integrations that should only access public content (for example, surfacing Redivis datasets through your library's search engine).

data.overview

Allows for "overview" access to datasets that you can see but are hidden to the general public. This will reveal the dataset's existence and some documentation, but will not provide access to restricted variable names, summary statistics, or data.

data.metadata

Allows for "metadata" access to datasets whose metadata you can view but are hidden to the general public.

Data.data

Allows for data access to a dataset's full tables (and their derivatives) when it is available to you but hidden to the general public.

Data.edit

Allows you to edit a dataset and release new versions.

Using Access Tokens

In order to interact with the API, you will need to provide your token in the header of your HTTPS request. Set the token in the Authorization request header with the value Bearer ACCESS_TOKEN .

Node.js
Python
R
curl
Node.js
const fetch = require('node-fetch');
const ACCESS_TOKEN = process.env.REDIVIS_API_TOKEN; // Your API token
const datasets = await fetch(`https://redivis.com/api/v1/users/imathews/datasets`, {
body: JSON.stringify({
maxResults: 10,
}),
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${ACCESS_TOKEN}`
},
});
Python

R

curl
curl -H "Authorization: Bearer $ACCESS_TOKEN" \
"https://redivis.com/api/v1/users/imathews/datasets"

Revoking access tokens

If you have lost an access token, are no longer using it, or if you have reason to believe your access token has been compromised, it is important that you revoke it. Navigate to your workspace settings and press the "revoke" button next to the token in question.

Export restrictions

Some datasets on Redivis have export restrictions that limit the number of bytes, records, or ip address(es) of raw data egress. If your request is in conflict with any of these restrictions (for example, your ip address is not in the export whitelist) the API method will return a 403 Not authorized .

These restrictions only apply to actual data content — for example, the export endpoints as well as any response that contains a TableRow.