Present client credentials to obtain an authorization token
Looker API implements the OAuth2 Resource Owner Password Credentials Grant pattern.
The client credentials required for this login must be obtained by creating an API key on a user account
in the Looker Admin console. The API key consists of a public client_id and a private client_secret.
The access token returned by login must be used in the HTTP Authorization header of subsequent
API requests, like this:
Authorization: token 4QDkCyCtZzYgj4C2p2cj3csJH7zqS5RzKs2kTnG4
Replace "4QDkCy..." with the access_token value returned by login.
The word token is a string literal and must be included exactly as shown.
This function can accept client_id and client_secret parameters as URL query params or as www-form-urlencoded params in the body of the HTTP request. Since there is a small risk that URL parameters may be visible to intermediate nodes on the network route (proxies, routers, etc), passing credentials in the body of the request is considered more secure than URL params.
Example of passing credentials in the HTTP request body:
POST HTTP /login
Content-Type: application/x-www-form-urlencoded
client_id=CGc9B7v7J48dQSJvxxx&client_secret=nNVS9cSS3xNpSC9JdsBvvvvv
Best Practice:
Always pass credentials in body params. Pass credentials in URL query params only when you cannot pass body params due to application, tool, or other limitations.
For more information and detailed examples of Looker API authorization, see How to Authenticate to Looker API.