search
About CoherentAPI referenceSupportYouTube

Authorization - Public APIs

While Spark service APIs are private by default (meaning they are only accessible by authorized users) it's possible to make them public . A Public API is available to use by anyone without any restrictions. To enable a Spark service to be public, it requires:

  1. The tenant to be configured to enable public services.

  2. The service is configured to enabled to be public.

hashtag
Enable 'Public' API visibility settings

Spark services can only be public if the tenant-admin permits it. Tenant admins can adjust this setting from the Tenant configuration page under General configurations.

From here, tenant-admins can also decide the default visibility of Spark APIs. If the default is set to Public, all services created afterwards will be executable by non-authorized users.

hashtag
Assign a Public API key

When a public Spark service is executed, the API call does not require any authorization. However, the tenant-admin must assign an API key, which will be used to correspond to all public API requests, in the General configurations tab of the Tenant configuration page.

  • Ensure that the API key has access to the services that will be made public.

  • It is suggested to review the user groups assigned for this API key to understand which Spark services are accessible.

hashtag
Publicly available APIs

By default the APIs that are publicly accessible are the same as those defined in API key terminology. Note that access to a Spark service is not by default granted unless Enable or disable Public API on a service is also completed.

hashtag
Enable public APIs for Spark Shell functionality

This needs to be enabled to allow the full functionality for Spark Shell. When enabled, endpoints will allow fetching detailed information about the Spark service and posting records to the execution history posted without authentication.

hashtag
Enable public APIs for access to WebAssembly Modules

When enabled, any Spark services set to public will also make their compiled code (WebAssembly Modules) available via the WebAssembly module API without authentication.

This is useful for use cases where the Wasm is needed to be easily accessible to serve a website.

hashtag
Enable or disable Public API on a service

If the tenant admin has enabled the Public API visibility settings, individual users are able to manage this setting on a service basis from the Service details tab of the Service documentation section.

Setting this field as True will allow non-authorized users to access the above APIs. Please note that updating this field will trigger the creation of a new version of the service.

Last updated