Skip to main content

API Guide

API Referencev2.0

Master the API with our comprehensive guide covering authentication, service account management, and data querying. Includes production-ready code samples in multiple programming languages.

ReactPythonJavaScriptGoC++
Quick start

This guide covers two main authentication flows:

  1. User Authentication - JWT-based login for identity management
  2. Service Account Authentication - Token-based access for data operations

🚀 Base URL and configuration

Base URL:https://www.example.com

All endpoints below are relative to this base URL.

🔐 Authentication overview

1

User Login (JWT)

Authenticate with email/password to get JWT token

2

Service Account

Create or manage service account tokens

3

Data Access

Use service token to access data APIs

Authentication methods

MethodHeaderUsage
User LoginAuthorization: Bearer <JWT>Identity management endpoints
Service Accountx-auth-token: <token>Data access endpoints

🔑 User authentication

Login endpoint

POST/idp/api/v1/user/login

Request Body

{
  "email": "<your-email>",
  "password": "<your-password>"
}

Response

Success: Returns Authorization: Bearer <JWT> header

📝 Note: Extract only the token value (remove "Bearer " prefix)

JWT usage

Use the JWT token for all IdP (Identity Provider) endpoints including:

  • Creating service accounts
  • Resetting tokens
  • Deleting service accounts

🏢 Identity (IdP) APIs

Authentication Required

All IdP endpoints require the JWT token from login: Authorization: Bearer &lt;JWT&gt;

Create Service Account

POST/idp/api/v1/company/serviceAccount

Request Body

{
  "name": "<service-account-name>",
  "description": "<optional-description>"
}

Response Example

{
  "token": "<service-account-token>",
  "expiryInSeconds": 31536000
}

💾 Save this token! You'll use it as x-auth-token for data APIs.

Reset Service Account Token

GET/idp/api/v1/company/serviceAccount/:id/token/reset

Query Parameters

  • neverExpires (optional): Set to true for non-expiring tokens

Response Examples

With Expiry
{
  "token": "<new-token>",
  "expiryInSeconds": 31536000,
  "expiryDate": "2026-08-05T15:19:01.851+0000"
}
Non-Expiring
{
  "token": "<new-token>",
  "neverExpires": true
}

Delete Service Account

DELETE/idp/api/v1/company/serviceAccount/:id

Response: 200 OK with empty body on success

📊 Data (noCo) APIs

Authentication Required

All noCo endpoints require the service account token: x-auth-token: &lt;service-account-token&gt;

Get Table Schema

GET/noCo/api/v2/workspaces/:workspaceId/tables/:tableId

Returns table metadata including columns and their properties. Use this to discover valid column names for queries.

Get Table Data

POST/noCo/api/v2/workspaces/:workspaceId/tables/:tableId/data/external

Request Body Examples

Minimal Paging
{
  "requestPageDetails": {
    "pageNumber": 1,
    "pageSize": 101
  }
}
With Filter and Sort
{
  "requestPageDetails": { 
    "pageNumber": 1, 
    "pageSize": 101 
  },
  "whereClause": "name = 'krishna'",
  "sortOptions": [
    { "columnName": "name", "direction": "ASC" },
    { "columnName": "notes", "direction": "DESC" }
  ]
}

⚠️ Important: Column names in whereClause and sortOptions must exist. Fetch them via Get Table Schema first.

Execute SQL Query

POST/noCo/api/v2/workspaces/:workspaceId/tables/:tableId/executeQuery

Request Body

{ 
  "value": "SELECT * FROM table_<suffix>" 
}

Response

May return JSON with columns and export fileName (CSV), or empty body with 200 OK depending on query and server configuration.

🔄 Complete workflow

🔐

Step 1: Login

POST /idp/api/v1/user/login → Extract JWT from Authorization header

🔑

Step 2: Create Service Account

Use JWT to create or reset a service account token

📊

Step 3: Access Data

Use service account token as x-auth-token for noCo endpoints

📋 Common headers

Endpoint TypeRequired HeadersExample
All RequestsContent-Type: application/jsonContent-Type: application/json
IdP EndpointsAuthorization: Bearer <JWT>Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
noCo Endpointsx-auth-token: <service-token>x-auth-token: sa_1234567890abcdef...

⚠️ Security and error handling

🔒 Token Security

  • Treat all tokens as secrets - never commit to source control
  • Prefer tokens with expiry over non-expiring tokens
  • Rotate tokens regularly for enhanced security

🔄 Error Handling

  • Handle HTTP 401/403 by refreshing JWT or resetting service account token
  • Use HTTPS only (all endpoints are https://)
  • Implement proper error logging and monitoring

💻 Code samples

Before Running

Replace placeholders like YOUR_JWT, YOUR_SERVICE_TOKEN, YOUR_WORKSPACE_ID, and YOUR_TABLE_ID with your actual values.

import React, { useEffect, useState } from "react";

export default function QueryTable() {
  const [rows, setRows] = useState([]);
  const [loading, setLoading] = useState(false);
  const token = process.env.REACT_APP_SERVICE_TOKEN;
  const workspaceId = "YOUR_WORKSPACE_ID";
  const tableId = "YOUR_TABLE_ID";

  useEffect(() => {
    async function run() {
      setLoading(true);
      try {
        const res = await fetch(
          `https://www.example.com/noCo/api/v2/workspaces/${workspaceId}/tables/${tableId}/executeQuery`,
          {
            method: "POST",
            headers: {
              "Content-Type": "application/json",
              "x-auth-token": token,
            },
            body: JSON.stringify({ value: "SELECT * FROM table_6ec53cc4" }),
          }
        );
        const data = await res.json().catch(() => ({}));
        setRows(data.rows || []);
      } catch (e) {
        console.error(e);
      } finally {
        setLoading(false);
      }
    }
    run();
  }, [token, workspaceId, tableId]);

  if (loading) return <div>Loading…</div>;
  return (
    <table>
      <tbody>
        {rows.map((r, i) => (
          <tr key={i}>
            {Object.values(r).map((v, j) => (
              <td key={j}>{String(v)}</td>
            ))}
          </tr>
        ))}
      </tbody>
    </table>
  );
}

Was this helpful?