Hi there,
I was wondering how one would go about representing a CDF Client credential as a connection string.
The main idea is to have a single string representing the credentials needed to connect to CDF. The connection string itself should be unwrapped by whatever client it is passed to (Python SDK, JS SDK, etc), and should of course not be sent as part of the request to the API.
For tenants using API-keys, something like this may make sense:
cdf://CLIENT_NAME:API_KEY@api.cognitedata.com/PROJECT_NAME
However, using tokens instead of api-keys is a bit trickier:
cdf://TOKEN_USERNAME:TOKEN_SECRET@api.cognitedata.com/PROJECT_NAME?token_url=TOKEN_URL&token_scopes=TOKEN_SCOPES
Naturally, it is possible to but anything in the URL parameters, but generalizing the username, password and path-properties would be great.
Some challenges that come to mind:
- How to differentiate between different authentication methods (i.e. api-keys and tokens
- Is it possible the keep a consistent scheme regardless of authentication method? I.e. always format the path as “BASEURL/PROJECT_NAME”, keep username/password fields the same, etc?
- Should client name be part of the connection string?
- Is this even a good idea?