Credentials

Data credential resources contain encrypted client credentials for accessing data sources and destinations. The credential attributes of these resources are always stored and transmitted in encrypted format. The Nexla encryption library and secret are required to decrypt the credentials for authentication against the external source.

The same data credentials can be used with multiple data sources and destinations.

List All Credentials

Both Nexla API and Nexla CLI support methods to list all credentials in the authenticated user's account. Details like id, name and type are displayed.

Nexla API

List All Credentails: Request

GET /data_credentials

Nexla CLI

List All Credentails: Request

nexla credential list

Nexla API

List All Credentails: Response

[
  {
    "id": 5001,
    "owner": {
      "id": 2,
      "full_name": "Jeff Williams"
    },
    "org": {
      "id": 1,
      "name": "Nexla"
    },
    "access_roles": ["owner"],
    "credentials_type": "s3",
    "credentials_version": "1",
    "credentials_enc": ...,
    "credentials_enc_iv": ...,
    "updated_at": "2016-10-24T22:15:04.000Z",
    "created_at": "2016-10-24T22:15:04.000Z"
  }
]

Nexla CLI

List All Credentails: Response

 id      credentials_type      name
----    ------------------    -----------------------
5016     ftp                   sftp_test
5050     s3                    s3_test

Show One Credential

Fetch a specific credential accessible to the authenticated user. The response will contain all the non-secure parts of the credential (like the FTP username) that are helpful to understand the credential context, but will never contain secure sensitive fields (like FTP password).

Nexla API

Show One Credential: Request

GET /data_credentials/{data_credential_id}

Nexla CLI

Show One Credential: Request

nexla credential get <credential_id>

Nexla API

Show One Credential: Response

{
  "id": 5001,
  "owner": {
    "id": 2,
    "full_name": "Jeff Williams"
  },
  "org": {
    "id": 1,
    "name": "Nexla"
  },
  "access_roles": ["owner"],
  "name": "Test API",
  "description": null,
  "credentials_type": "rest",
  "credentials_non_secure_data": {
    "auth.type": "NONE",
    "ignore.ssl.cert.validation": false,
    "test.method": "GET",
    "test.content.type": "application/json",
    "jwt.enabled": false,
    "hmac.enabled": false,
    "test.url": "https://demo-api.com/api/info.php?tid=1"
  }
}

Nexla CLI

Show One Credential: Response

{
  "name": "Test API",
  "description": null,
  "credentials_type": "rest",
  "credentials_non_secure_data": {
    "auth.type": "NONE",
    "ignore.ssl.cert.validation": false,
    "test.method": "GET",
    "test.content.type": "application/json",
    "jwt.enabled": false,
    "hmac.enabled": false,
    "test.url": "https://demo-api.com/api/info.php?tid=1"
  }
}

Create Credential

Use the method below to create a credential. This credential can then be associated with any source or destination. Note that you can also create a credential through the methods for creating a source or a destination.

Nexla API

Create A Credential: Request

POST /data_credentials
...Example Request Body
{
  "name": "Test S3 Credentials",
  "credentials_type": "s3",
  "credentials": {
    "credentials_type": "s3",
    "access_key_id": "<AWS Access Key>",
    "secret_key": "<AWS Secret Key>"
  }
}

Nexla API

Create A Credential: Response

{
  "id": 5008,
  "name": "Test S3 Credentials",
  "description": null,
  "owner": {
    "id": 2,
    "full_name": "Jeff Williams",
    "email": "jcw@nexla.com"
  },
  "org": {
    "id": 1,
    "name": "Nexla",
    "email_domain": "nexla.com"
  },
  "access_roles": ["owner"],
  "credentials_type": "s3",
  "credentials_version": "1",
  "credentials_non_secure_data": {
    ...
  }
  "verified_status": null,
  "verified_at": null,
  "updated_at": "2017-06-05T20:24:25.209Z",
  "created_at": "2017-06-05T20:24:25.209Z"
}

Inspect Credential Data

The endpoints below allow inspection of data that the credentials point to.

These endpoints can be handy when trying to figure out the storage structure and data format of the location a credential points to. For ex, with S3 credential you can inspect the file structure and file content of that S3 location before choosing to create a source/destination based on that credential.

Authenticate Credential

You can check the validity of a data credentials resource using the /data_credentials/<data_credential_id>/probe or /data_credentials/<data_credential_id>/probe/authenticate endpoint.

A GET call to this endpoint will attempt to authenticate with the remote service using the credential details and return either a 200 response code for success or an error code and message.

Nexla API

Authenticate Credential: Request

GET /data_credentials/{data_credential_id}/probe

Inspect File or Database Type Credential Content Tree

You can inspect the tree structure in the external source to a particular depth. Note that not all storage types have a natural tree structure.

Nexla API

Inspect File/Database Credential: Request

POST /data_credentials/{data_credential_id}/probe/tree
...
Example Request Body
{
 "region": "us-west-1",
 "bucket": "production-s3-basin",
 "prefix": "events_v2/",
 "depth": 3
}

Nexla API

Inspect File/Database Credential: Response

{
  "status": "ok",
  "connection_type": "s3",
  "output": {
    "events_v2": {
      "2015": {
        "11": {
          "1": {},
          "2": {},
          "3": {}
        },
        "12": {
          "1": {},
          "8": {}
        }
      },
      "2017": {
        "2": {
          "20": {}
        }
      }
    }
  }
}

Inspect File type Credential Content

Use the endpoint below to get metadata and sample records from a set of files. The POST body must contain path of file starting from the root of the location that data_credential points to.

Nexla API

Inspect File Credential Content: Request

POST /data_credentials/{data_credential_id}/probe/files
...
Example Request Body
{
  "path" : "demo-in.nexla.com",
  "file" : "Demo/Stock.json"
}

Nexla API

Inspect File Credential Content: Response

{
  "status": 200,
  "message": "Ok",
  "output": {
    "format": "json",
    "messages": [
      {
        "Stockname": "sociosqu ad",
        "Total Debt": 8,
        "Return on Assets": 1,
        "Sector": "Mauris",
        "Quick Ration": "1.2"
      },
      {
        "Stockname": "ornare. In",
        "Total Debt": 7,
        "Return on Assets": 3,
        "Sector": "lectus.",
        "Quick Ration": "1.2"
      },
      {
        "Stockname": "nec, diam.",
        "Total Debt": 5,
        "Return on Assets": 5,
        "Sector": "eu",
        "Quick Ration": "1.2"
      }
    ]
  },
  "connection_type": "s3"
}

Inspect Sample Data from Credential

Use the endpoint below to fetch sample data for a credential. This is useful for viewing sample content of any type of external system before creating a source / destination so that user can decide exactly how to setup the source / destination.

The format of the request body object depends on the data source type. S3 data sources require a path attribute. FTP data sources require only a file attribute, which must contain the full path to an ftp-based file. You can also fetch sample data for third party APIs by setting the payload exactly like the source_config for an equivalent API source.

Nexla API

Inspect Sample Data: Request

POST /data_credentials/{data_credential_id}/probe/sample
...
Example Request Body
{
  "path" : "demo-in.nexla.com",
  "file" : "test/Stock.json"
}

Nexla API

Inspect Sample Data: Response

{
  "status": 200,
  "message": "Ok",
  "output": {
    "response": "\"Store\",\"Upc\"",
    "statusCode": 200,
    "contentType": "text/plain"
  },
  "connection_type": "s3"
}