Authentication Guide for Server Applications

Server applications can securely access SPARQUE’s features by authenticating through a Machine-to-Machine (M2M) account.

To set up authentication for your server, follow the steps below:

Step 1: Obtain M2M Account Credentials

First, create an M2M account that provides the necessary Client ID and Client Secret to authenticate your server. These credentials must be securely stored on your server.

Note:
Only SPARQUE Desk administrators can create M2M accounts.

To create an M2M account:

  1. Navigate to Settings | Team Members.
  2. If no M2M account exists, click Add System-to-System Account.
  3. Specify a name and assign one of the following roles:
    • API Usage: Grants access to SPARQUE API features.
    • Data Provider: Grants access to download/upload data within pipelines.

Step 2: Request an Access Token

Once you have your credentials, request an access token to authenticate API requests. You can do this using SPARQUE's Token Storage API.

This method optimizes token usage by issuing a valid token and avoiding unnecessary new token requests.

To request a token, send a POST request to:
https://api.search.sparque.ai/api/auth

Example using cURL:

curl -X 'POST' \
  'https://api.search.sparque.ai/api/auth' \
  -H 'accept: */*' \
  -H 'Content-Type: application/json-patch+json' \
  -d '{
  "WorkspaceName": "string",
  "ClientId": "string",
  "ClientSecret": "string",
  "ForceReauth": false
}'
  • Replace WorkspaceName, ClientId, and ClientSecret with your project-specific details.
  • Set ForceReauth to false to retrieve an existing valid token. Set it to true only if you need to force re-authentication (for example, if the cached token is causing issues).

Note:
Store the token on your server and reuse it for future API calls until it expires. This will minimize unnecessary token requests.

Step 3: Use the Access Token

Once you have obtained the access token, include it in the Authorization header of your API requests.

Example using cURL:

curl "https://rest.sparque.ai/1/my_workspace/api/my_api/e/my_endpoint/results?config={config}" \
  -H "Authorization: Bearer YOUR_TOKEN"

Replace YOUR_TOKEN with the actual token you received.

Token Usage Guidelines:

  • Store and reuse the token: Always store the token on your server and reuse it until it expires to avoid requesting too many tokens and exceeding your quota.
  • Monitor expiration: Keep track of when the token expires to avoid service disruptions. If the token is invalid or has expired, request a new token by repeating Step 2: Request an Access Token.