Skip to main content

API Authentication


API Authentication is a process to validate the identity of the external source/client trying to establish a connection, using an authentication protocol. During the authentication process, credentials are sent from the client to the remote server in an encrypted format or in plain text format.

After successful authentication, the next step is authorization. Once the identity of the client is validated by the server, the client will be able to securely communicate with the remote server.

All Figment APIs require authentication, which is performed by passing your API key via the Authorization request header, or as a parameter in the query URL. Read more about API key best practices.

If your app makes any cross-origin requests, you must also have an Allowed Origin set in your DataHub app.


To maintain the security of your API keys, we recommend you to always use HTTPS.

Keep in mind that API keys sent over HTTP are insecure, regardless of the method used.


Here's an example to get you started.

fetch("", {
method: 'POST', // can also be 'GET', 'PUT' or any appropriate method
headers: {
"Authorization" : "<api_key>",
"Content-Type": "application/json" // if method is 'POST'
body: JSON.stringify({
// JSON Payload