Summary of Content

Requirements
API Authentication Basics
      How does it work?
      Limit Access with Account-specific Tokens
      Keep Tokens Safe
Create an API Token and Client Id
Related Resources 

Requirements

  • You must be an organization Admin to create a Sigma API token and Client Id.
  • Anyone with access to an active Sigma API token and Client Id can authenticate with Sigma’s API at the access level associated with the token.

API Authentication Basics

How does it work?

Sigma authenticates API requests using account-based API keys, generated and managed in your Sigma Admin Portal.

Before the API is used, an organization Admin must first create a Client Id and API Token associated with a user’s account.

A developer can then use these values to generate a one-hour access token to Sigma’s API. All requests to Sigma’s API must include this access token. Without it, Sigma will return an error.

Limit Access with Account-specific Tokens

All API keys are associated with an individual organization member. Sigma’s API will only return data that is accessible to the authenticated user and permitted for their account type.

For security purposes, do not share API keys with individuals whose permissions should be less than that of the keys’ associated user account. 

Keep your Tokens Safe

Anyone with access to an existing Client Id and API Token pair, or to a valid access token, can access Sigma’s API, and your data, as the associated user.  

As such, be sure to store all API keys in a secure location (e.g. a password manager).

Create an API Token and Client Id

  1. Open your Sigma Admin Portal.
  2. On the left side of the page, click API & Embed Secrets to open the API & Embed Secrets page.
  3. On the API & Embed Secrets page, click the Create New button.
    Screen_Shot_2021-10-18_at_5.31.57_PM.png
    This will open the Create New API Token or Embed Secret modal.
    The API Token option will be selected by default.
    Screen_Shot_2021-10-18_at_5.34.12_PM.png
  4. Enter a Name to identify the specific API Token.
    Screen_Shot_2021-10-18_at_5.35.47_PM.png
  5. [optional] Enter a description.
  6. Under Owner, select the user account you would like to associate with the token.
    Note: Account type permissions assigned the selected Sigma user will automatically carry over into the Sigma API Token.
    Screen_Shot_2021-10-18_at_5.38.56_PM.png
  7. Click Create.
  8. An API Token modal will appear.
    Click Copy and immediately paste the secret in a secure location.
    Important: The secret cannot be retrieved once this modal is closed.
    Screen_Shot_2021-10-18_at_5.40.35_PM.png
  9. Click Close.
  10. Your newly created Sigma API Token will be listed in the APIs & Embed Secrets panel.
    Hover over the token’s Client Id and click copy.
    Important: Both the API token and the Client Id are required for authentication.
    Screen_Shot_2021-10-18_at_5.41.34_PM.png

Related Resources

Get Started with Sigma’s API
Sigma's Swagger Playground
Authenticate with cURL