API Authentication

In order to generate a client ID and client secret you will need your Domo instance name (i.e. the name preceding your domo.com URL, in the case of “acmecompany.domo.com” your instance name would be acmecompany).

To create a client ID and secret you will need to log in within the Developer Portal:

Figure 1.1 Login Button

You will be prompted to enter your instance name and then your user credentials.

Figure 1.2 Sign in with instance name

Once logged in, click on “My Account” to create a new client.

Figure 1.3 Open client management

In “My Clients” section, create your client by adding a client name, description, and define the client’s scope.

Figure 1.4 Create new client

After submitting successfully, you will now have a newly provisioned client ID and secret.

Figure 1.4 View Client ID and Secret

Once you obtain your client ID and client secret you will then need to obtain your access token with the following request:

$ curl -v -u {CLIENT_ID}:{CLIENT_SECRET} "https://api.domo.com/oauth/token?grant_type=client_credentials&scope={SCOPE}"

Please note that in the above example, when using the -u command line option, cURL correctly formats the client id and secret to a basic authorization header. If you are programmatically requesting access tokens, make sure that you are correctly including the basic authorization header with your Base64 encoded credentials. See the OAuth client credential grant type access token request specification and the HTTP Basic Authentication Scheme specification for more information.

An example with your scope,client_ID, and client_secret would look similar to below:

$ curl -v -u 441e307a-b2a1-4a99-8561-174e5b153fsa:f103fc453d08bdh049edc9a1913e3f5266447a06d1d2751258c89771fbcc8087 "https://api.domo.com/oauth/token?grant_type=client_credentials&scope=data%20user"

Once you request a token with the curl command, you should receive the following response with an associated access token:

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-store
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Date: Thu, 03 Aug 2017 17:05:58 GMT
Expires: 0
Pragma: no-cache
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

{
    "access_token": "eyJhbGciOiJSUzI1NiJ9.eyJyb2xlIjoiQWRtaW4iLCJzY29wZSI6WyJkYXRhIiwidXNlciJdLCJleHAiOjE1MDE3ODM1MTksImVudiI6InByb2QxIiwidXNlcklkIjo5NjQzODI1OTAsImp0aSI6IjgxZGVjZTRjLWRmNzMtNDU2OS04NTNjLTJkMWEzMjg4OTdmZCIsImNsaWVudF9pZCI6IjQ0MWUzMDdhLWIyYTEtNGE5OS04NTYxLTE3NGU1YjE5M2VlYSIsImN1c3RvbWVyIjoidHJhaW5pbmcifQ.O0H29RFMjruZjA7cXvIctNf8IyuKSyoLggRB5ps7r8LwJL7FM-BWu8oyEPnCopvED-2Sy6emg__8PKQ6r4FPRnsyp4A1uwLwyii8fUmp8NQX3QlprL72_Xc-5ghDtWILPX_Pg77giFLbH-nAys5nsI9S2MDL-xwIFnS3p0iAqSmio5yk6F61Gi_fXVPbDARQ6c2Ci2q2wxFG-xk1lqdlKoPnQwmcQcIJhfgvQ6-15SxNuwZhoQZCZt01wTJ65phFsqoYFHPgznlMxISxDJz2moCjKIY8O9qobj9kIbegpusKUzLeBO9SVc7V3KNZal9f_m-8eGJ3j2bbMFEnaHz8jMJQ",
    "customer": "acmecompany",
    "expires_in": 3599,
    "jti": "81dece4c-df73-4569-853c-2d1a328897fd",
    "role": "Admin",
    "scope": "data user",
    "token_type": "bearer",
    "userId": 964382593
}

Now that you have received your access token, you will use it for each of your request. It is recommended to simplify the process with the following request with:

export ACCESS_TOKEN=<your-valid-oauth-access-token>

Below is an example of a request with an example token:

export ACCESS_TOKEN=eyJhbGciOiJSUzI1NiJ9.eyJyb2xlIjoiQWRtaW4iLCJzY29wZSI6WyJkYXRhIiwidXNlciJdLCJleHAiOjE1MDEyODUwODQsImVudiI6InByb2QxIiwidXNlcklkIjo5NjQzODI1OTAsImp0aSI6IjY5EOTY3MjlkLTUwNjItNGIxZS1hY2I0LTc3MTIzMjhiZDM0NSIsImNsaWVudF9pZCI6IjQ0MWUzMDdhLWIyYTEtNGE5OS04NTYxLTE3NGU1YjE5M2VlYSIsImN1c3RvbWVyIjoidHJhaW5pbmcifQ.k5H4Is71IeUzUzzh0nq5NswfoLauZ_Ap75qv2DCEsmybBC_MAsZBdnqmotHQ52udqolP9S-m88IuRfMAsj5L5KQRi7ZZGvWfinmSNeRkKlMWF2bLgHLKFh3prp6dYl4OEjQ2p7_jr1iIE7CWo75QrYOEEEab--X0XoWPBTu9pdsiKW9gxhfYCTrtLARFVLsnGjdpP7DrZJk6Boq_a-K6_sCel-YPbUvAylnxwKT8pSOXV5AAsd-7hqUCYStfonhlSNme4oLqYNuuvfttRCqwE9Eu92mtNZEDBi5s2vBblpuVz77-goxoVGb3rEpx794IMAXAVG9mYdmdrnMycpVk54g

Now that you've exported your token, you can dynamically populate when making calls to any of Domo's API like in the example below:

echo '{"name": "Sales Operations Team", "default": false}' | http -v POST https://api.domo.com/v1/groups Authorization:"bearer $ACCESS_TOKEN" --pretty=format

Now that you have an access token, begin exploring any of Domo’s APIs.

No problem, we'd love to help. Explore our documentation, answers to frequently asked questions, or join other developers in Domo's Developer Forum.  For further help, feel free to email us or contact our sales team.