The Datavault Builder offers possibilities to be integrated within your companies IT-Landscape.


Please note, that this article is WIP and does only highlight certain integration options.


Every action in the Datavault Builder calls a REST-API. Therefore, every action you can perform within the GUI, you can as well perform directly by calling the REST-API.

Using a standard user
One possiblity, is to write a script which will at the beginning login to the Datavault Builder just as you do with the User Interface by calling the login-API. This API will then return you an authentication-token, which needs to be sent with each and every request. For security reasons, this tokens timeout after a certain while.
Therefore, when writing your script, make sure to call renewToken before the login expires.
Using a technical user

Another possibility is to make use of a technical user. A technical user is a role, which after login will receive an access Token without an expiration. With this long-living Tokens you can then create your REST-API calls, without having to worry about token-timeouts.

  1. As a prerequisite to keep the token stable even when restarting the Datavault Builder, you need to define an additional environment-variable in the docker-compose file, the JWT_Secret. By default, the JWT_Secret is assigned randomly on startup, leading to different tokens generated.

    - JWT_SECRET=yoursecret
  1. Then a technical user can be created by calling the function dvb_core.f_create_user in the command line. Make sure to set the parameter non_expiring_token to TRUE.

  1. Call the login-API to get your non-expiring token.


    {username: "technical_username",
    password: "SuperPassword"}


  2. This token can now be used in the header of any REST-Call made to the Datavault Builder API, without requiring a fresh login.

    It is recommended to still expire this tokens after a while. To do so, you can change the JWT_SECRET in the docker-compose file and restart the API (can be done by calling docker-compose up -d). Thereby all previously received tokes are invalidated.