Skip to main content

Authorization

Follow this guide to create a new Demandbase credential that will allow Nexla to authenticate to and exchange data with your Demandbase account.
demandbase_api_auth.png

Demandbase

Prerequisites

The Demandbase connector uses OAuth2-style JWT token authentication. Nexla authenticates by exchanging a Client ID and Client Secret for a short-lived Bearer access token, which is automatically renewed as needed during data flow execution. No manual token management is required.

To connect Nexla to Demandbase, you must first generate an API Key Set in your Demandbase One account. API Key Sets are managed at the platform level, not tied to individual user accounts, so integrations remain stable even when user roles change or individual accounts are deactivated.

Generate a Demandbase API Key Set

  1. Sign in to your Demandbase One account. Administrator access is required to manage API Key Sets.

  2. In the top navigation bar, click Settings, then navigate to APIs > API Key Sets.

  3. Click Create New to begin creating a new API Key Set.

  4. Enter a descriptive name for the key set in the API Key Set Name field — for example, Nexla Integration — so you can identify it easily in the future. Click Save.

  5. On the API Permissions step, select the APIs that this key set should be authorized to access. For use with this Nexla connector, enable access to the B2B API at minimum. Enable Data Import access if you plan to use Demandbase as a destination. Enable Admin access if you plan to use the user administration endpoints. Click Next.

  6. Click Create Token to generate a new API token. Demandbase will display both the Client ID and Client Secret for the token.

Important

Copy and store both the Client ID and Client Secret in a secure location immediately. The Client Secret is shown only once and cannot be retrieved after you close this window. If the secret is lost, you will need to generate a new API token within the key set.

Demandbase allows up to 5 API Key Sets per account (active or inactive combined), with up to 5 active tokens per key set. Plan your API Key Sets accordingly if your organization has multiple integrations. For complete information, see the Demandbase Help Center — Generate and Manage API Key Sets.

Confirm the API Base URL

The default Demandbase API production base URL is https://uapi.demandbase.com. This is the default value pre-filled in the Nexla credential form. If Demandbase has provided a custom or regional base URL for your account, use that value instead.

For the correct base URL for your account, refer to your Demandbase account settings or the Demandbase Developer Portal.

Create a Demandbase Credential

  • To create a new Demandbase credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Connection Settings

  1. Enter the base URL for your Demandbase API environment in the API Base URL field. The default value is https://uapi.demandbase.com. Use this default for the standard Demandbase production environment. If Demandbase has provided a custom base URL for your account, enter that value here instead.

  2. Enter the Client ID from the API Key Set you generated in Demandbase in the Client ID field. This value is used together with the Client Secret to obtain a Bearer access token that authenticates Nexla's requests to the Demandbase API.

  3. Enter the Client Secret from the API Key Set you generated in Demandbase in the Client Secret field. This value is treated as a password and is stored securely by Nexla.

    Nexla uses the Client ID and Client Secret to automatically request short-lived access tokens from the Demandbase authentication endpoint. The resulting Bearer token is included in the Authorization header of all API requests. You do not need to manually manage token expiration or renewal.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.