Authentication
Datasource APIs
Semantic Layer APIs
Embeds
Data App APIs
Metric APIs
curl --request POST \
--url https://api.usedatabrain.com/api/v2/service-token/rotate \
--header 'Authorization: Bearer 550e8400-e29b-41d4-a716-446655440000' \
--header 'Content-Type: application/json' \
--data '{"expireAt":3600}'
{
"key": "7c9e6679-7425-40de-944b-e07fc1f90ae7"
}
curl --request POST \
--url https://api.usedatabrain.com/api/v2/service-token/rotate \
--header 'Authorization: Bearer 550e8400-e29b-41d4-a716-446655440000' \
--header 'Content-Type: application/json' \
--data '{"expireAt":3600}'
{
"key": "7c9e6679-7425-40de-944b-e07fc1f90ae7"
}
Self-Hosted APIs
Rotate Service Token
Rotate your service token. Expires the current token after an optional grace period and returns a new token.
curl --request POST \
--url https://api.usedatabrain.com/api/v2/service-token/rotate \
--header 'Authorization: Bearer 550e8400-e29b-41d4-a716-446655440000' \
--header 'Content-Type: application/json' \
--data '{"expireAt":3600}'
{
"key": "7c9e6679-7425-40de-944b-e07fc1f90ae7"
}
POST
/
api
/
v2
/
service-token
/
rotate
curl --request POST \
--url https://api.usedatabrain.com/api/v2/service-token/rotate \
--header 'Authorization: Bearer 550e8400-e29b-41d4-a716-446655440000' \
--header 'Content-Type: application/json' \
--data '{"expireAt":3600}'
{
"key": "7c9e6679-7425-40de-944b-e07fc1f90ae7"
}
Rotate your organization service token. The current token is set to expire after a grace period (in seconds), and a new service token is returned. Use this for key rotation and security best practices.
On error, the API returns a JSON object with
The service token used in the
Authorization header is the token being rotated. You only need to provide expireAt in the request body — no token field required.Authentication
Use your current service token in theAuthorization header. The token provided here is the one that will be expired and replaced.
To access your service token:
- In Settings page, navigate to the Service Tokens section.
- Click the “Generate Token” button to create a new service token if you don’t have one already.
Headers
Bearer token for API authentication. Use the service token you want to rotate.
Authorization: Bearer 550e8400-e29b-41d4-a716-446655440000
Must be
application/json when sending a JSON body.Content-Type: application/json
Request Body
Duration in seconds until the current token expires. The old token remains valid until this many seconds from the request, then it is invalidated. Accepts a number or a numeric string. Use
0 to expire immediately. Common values: 0 (immediate), 3600 (1 hour), 86400 (24 hours).Response
On success, the API returns 200 with a JSON object:The new service token (UUID). Use this for all future service-level API calls. Store it securely; the previous token will expire per
expireAt.error.code and error.message and an appropriate HTTP status (400, 401, or 500).
Examples
HTTP Status Code Summary
| Status Code | Description |
|---|---|
200 | OK – New service token returned in key |
400 | Bad Request – Missing parameters, invalid key format, not a service token, or token already expired |
401 | Unauthorized – Service token not found in DB or already expired |
500 | Internal Server Error – Server error |
Possible Errors
| Code | Message | HTTP Status |
|---|---|---|
INVALID_REQUEST_BODY | Joi validation message (e.g. "expireAt" is required) | 400 |
AUTHENTICATION_ERROR | "API Key is not provided or Invalid!" – missing/invalid UUID format (400); "API Key is invalid or expired!" – not found or expired in DB (401); "Invalid Service Token" – token is a data app key, not a service token (400) | 400 / 401 |
EXPIRED_SERVICE_TOKEN | Service token is already expired | 400 |
INVALID_SERVICE_TOKEN | Invalid service token | 400 |
INTERNAL_SERVER_ERROR | Internal server error or GraphQL error message | 500 |
Related
- Create Service Token – Create or save a service token
- Rotate API Key – Rotate a data app API key
- Create Admin JWT – Get admin access token
⌘I