Enterprise Vault™ Compliance Accelerator Reviewer's Guide
- Introducing Compliance Accelerator
- Introducing Veritas Surveillance
- Creating and viewing reports
- About the Compliance Accelerator reports
- Accessing data through the Microsoft SQL Server Reporting Services (SSRS)
- Enhanced reporting
- Accessing reports through the OData web service
- Configuring a Power BI template for reporting
Authentication
To ensure the security and integrity of data access, the Reporting API requires authentication. Authentication is used to verify the identity of the requesting client or application and determine whether it has the necessary permissions to access the API resources. There are two primary authentication methods supported for this API:
Upon configuring the reporting endpoint API, a Base URL, a primary and secondary API Keys are generated. Include either primary or secondary API key in the header of your API requests.
For example,
X-API-Key:<Primary or Secondary API Key>
Basic Authentication is a method where API clients provide a username and password with each request. Users use an encoded string in the Authorization header for this method. The recipient of the request uses this string to verify the users' identity and their access rights to a resource.
For example,
Authorization: Basic <Base64 encoded credentials>
To generate a Base64 encoded credentials:
Combine the credentials (username and password) with a colon (:).
Note:
The username must be . The password must be either a primary or a secondary API Key provided after configuring the reporting endpoint. Use either one as your password.
For example, ReportingApiUser:32adasdf3asdcvzxcweasd
After specifying the credentials as mentioned in the step above, generate a Base64 encoded credentials. It is required while setting authorization header.
For example, dGVuYW50OmtleQ==
Therefore, requests made by this user would be sent with the following header:
Authorization: Basic dGVuYW50OmtleQ==
When a server receives this request, it can access the Authorization header, decode the credentials, and look up the user to determine whether access to the requested resource should be allowed.