access superset API via curl
10 views
Skip to first unread message
Landry Breuil
Aug 28, 2025, 5:18:52 AMAug 28
to georchestra-dev
hi,
might be useful someday to someone.. the superset REST API has a
swagger: https://superset.apache.org/docs/api/
but to use the API, one needs to authenticate first..
i've had it working with a small script (vastly inspired by
https://github.com/apache/superset/issues/20546), using the 'admin' user
created by superset fab create-admin (i havent found how to make it use
the header-based authentication):
set USER/PASS/PORT env vars with the details about your own superset
installation:
USER=admin
PASS=admin
PORT=5590
get a jwt token:
AUTH=$(curl -s -d
'{"password":"'$PASS'","refresh":false,"provider":"db","username":"'$USER'"}'
-XPOST -HAccept:application/json -HContent-type:application/json
http://localhost:$PORT/superset/api/v1/security/login | jq -r .access_token)
with that token, get a CSRF token:
CSRF=$(curl -s -HAuthorization:\"Bearer $AUTH\"
http://localhost:$PORT/superset/api/v1/security/csrf_token/ | jq -r .result)
and use both tokens to query the API, here i get details about the first
defined database:
curl -s -H Authorization:"Bearer $AUTH" -HX-CSRF-Token:$CSRF
http://localhost:$PORT/superset/api/v1/database/1
this returns json, that you can also parse with jq:
$sh superset-api.sh | jq .result.database_name
"rtge"
some queries (eg /me/ or /me/roles/) return a 403, but others do seem to
work.
HTH!
--
Landry Breuil
might be useful someday to someone.. the superset REST API has a
swagger: https://superset.apache.org/docs/api/
but to use the API, one needs to authenticate first..
i've had it working with a small script (vastly inspired by
https://github.com/apache/superset/issues/20546), using the 'admin' user
created by superset fab create-admin (i havent found how to make it use
the header-based authentication):
set USER/PASS/PORT env vars with the details about your own superset
installation:
USER=admin
PASS=admin
PORT=5590
get a jwt token:
AUTH=$(curl -s -d
'{"password":"'$PASS'","refresh":false,"provider":"db","username":"'$USER'"}'
-XPOST -HAccept:application/json -HContent-type:application/json
http://localhost:$PORT/superset/api/v1/security/login | jq -r .access_token)
with that token, get a CSRF token:
CSRF=$(curl -s -HAuthorization:\"Bearer $AUTH\"
http://localhost:$PORT/superset/api/v1/security/csrf_token/ | jq -r .result)
and use both tokens to query the API, here i get details about the first
defined database:
curl -s -H Authorization:"Bearer $AUTH" -HX-CSRF-Token:$CSRF
http://localhost:$PORT/superset/api/v1/database/1
this returns json, that you can also parse with jq:
$sh superset-api.sh | jq .result.database_name
"rtge"
some queries (eg /me/ or /me/roles/) return a 403, but others do seem to
work.
HTH!
--
Landry Breuil
François Van Der Biest
Aug 29, 2025, 7:53:30 AMAug 29
to georche...@googlegroups.com
Thanks for sharing Landry !
F.
--
--
projet: http://www.georchestra.org/
---
Vous recevez ce message, car vous êtes abonné au groupe Google Groupes georchestra-dev.
Pour vous désabonner de ce groupe et ne plus recevoir d'e-mails le concernant, envoyez un e-mail à l'adresse georchestra-d...@googlegroups.com.
Pour afficher cette discussion, accédez à https://groups.google.com/d/msgid/georchestra-dev/118ae96b-13c3-4594-90a1-2bc0f6bc21d3%40craig.fr.
Reply all
Reply to author
Forward
0 new messages