Login

Version 4.0.24.20 (latest)

Present client credentials to obtain an authorization token

Looker API implements the OAuth2 Resource Owner Password Credentials Grant pattern. The client credentials required for this login must be obtained by creating an API key on a user account in the Looker Admin console. The API key consists of a public client_id and a private client_secret.

The access token returned by login must be used in the HTTP Authorization header of subsequent API requests, like this:

Authorization: token 4QDkCyCtZzYgj4C2p2cj3csJH7zqS5RzKs2kTnG4

Replace "4QDkCy..." with the access_token value returned by login. The word token is a string literal and must be included exactly as shown.

This function can accept client_id and client_secret parameters as URL query params or as www-form-urlencoded params in the body of the HTTP request. Since there is a small risk that URL parameters may be visible to intermediate nodes on the network route (proxies, routers, etc), passing credentials in the body of the request is considered more secure than URL params.

Example of passing credentials in the HTTP request body:

POST HTTP /login
Content-Type: application/x-www-form-urlencoded

client_id=CGc9B7v7J48dQSJvxxx&client_secret=nNVS9cSS3xNpSC9JdsBvvvvv

Best Practice:

Always pass credentials in body params. Pass credentials in URL query params only when you cannot pass body params due to application, tool, or other limitations.

For more information and detailed examples of Looker API authorization, see How to Authenticate to Looker API.

Request

POST /login
Datatype
Description
Request
HTTP Request
query
HTTP Query
Expand HTTP Query definition...
client_id
string
client_id part of API Key.
client_secret
string
client_secret part of API Key.

Response

200: Access token with metadata.

Datatype
Description
(object)
access_token
string
Access Token used for API calls
token_type
string
Type of Token
expires_in
integer
Number of seconds before the token expires
refresh_token
string
Refresh token which can be used to obtain a new access token

400: Bad Request

Datatype
Description
(object)
message
string
Error details
documentation_url
string
Documentation link

404: Not Found

Datatype
Description
(object)
message
string
Error details
documentation_url
string
Documentation link

429: Too Many Requests

Datatype
Description
(object)
message
string
Error details
documentation_url
string
Documentation link