Authorization
Cube Software API
Prerequisites
The Cube Software API uses OAuth 2.0 with PKCE (Proof Key for Code Exchange) for authentication. To connect Nexla to your Cube Software account, you will need an OAuth 2.0 Client ID and Client Secret issued by Cube Software.
Obtain Your Cube Software API OAuth2 Credentials
Cube Software manages OAuth application registration on behalf of customers. To get your Client ID and Client Secret, contact the Cube Support team directly:
-
Sign in to your Cube Software account at https://portal.cubesoftware.com.
-
Navigate to Help or open a support request through the Cube Help Center at https://help.cubesoftware.com.
-
Request API access and ask Cube Support to provision an OAuth 2.0 application for your organization. In your request, specify that you need a Client ID and Client Secret for a third-party integration.
-
Once provisioned, Cube Support will provide your Client ID and Client Secret. Store these credentials securely — the Client Secret should be treated like a password and not shared or exposed in client-side code.
For additional information about the Cube Software API authentication flows, refer to the Cube API Authentication Flows article in the Cube Help Center. Developer resources and API documentation are available at the Cube Developer Center.
Create a Cube Software API Credential
- To create a new Cube Software API credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
OAuth 2.0 Authentication (3-Legged with PKCE)
The Cube Software API connector uses a three-legged OAuth 2.0 flow with PKCE, which provides delegated user access to Cube Software API resources on behalf of an authenticated user. During this process, Nexla will redirect you to the Cube Software authorization page to sign in and grant access.
-
Enter your OAuth 2.0 Client ID in the Client ID field. This is the unique public identifier assigned to your registered Cube Software OAuth application. Your Client ID was provided when you registered for API access through Cube Support.
-
Enter your OAuth 2.0 Client Secret in the Client Secret field. This private key authenticates your application when requesting tokens from the Cube Software API. Keep this value confidential.
The Client ID and Client Secret fields are the only credentials you need to enter manually. All other OAuth 2.0 parameters — including the Authorization URL (
https://portal.cubesoftware.com/o/authorize/), Token URL, and Access Scope (read write) — are pre-configured and handled automatically by Nexla. -
After entering your Client ID and Client Secret, Nexla will initiate the OAuth 2.0 PKCE authorization flow. You will be redirected to the Cube Software login page at https://portal.cubesoftware.com to sign in and authorize Nexla's access to your Cube Software account.
-
Sign in with your Cube Software credentials and click Authorize (or equivalent) to grant Nexla access. Upon successful authorization, you will be redirected back to Nexla and the credential setup will be completed automatically.
ImportantOAuth 2.0 access tokens issued by Cube Software expire after 10 hours (36,000 seconds). Nexla will automatically refresh the token using the provided credentials so that your data flows remain uninterrupted.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.