Better way to authenticate API

aboulis · June 26, 2023, 11:42am

Hello, we're building an integration with Metabase and I wonder if there is a better way to authenticate API to API communication.
The only way for now seems to be:

User shares username & password with our API
We generate session token (expiration 14 days)
If token expires we need to keep track of the username/password

Storing the user's username & password is something we're not comfortable with. Is there a better way or any plan to support an api key/secret in the future?

Thanks in advance

Luiggi · June 27, 2023, 3:03pm

you need We should support an alternative API authentication mechanism · Issue #2699 · metabase/metabase · GitHub

aboulis · June 27, 2023, 3:32pm

Thank Luiggi, I saw it yesterday, but It's been 7 years since then. It would be nice to hear if there are plans to actually implement it

Luiggi · June 27, 2023, 3:41pm

Coming very soon