Adobe Analytics

abhinavbalooni · 11/27/23

Hello !

It's my turn to pose a query today !

I am setting up data insertion API and the data is reflecting well in the reports.

My query is if we would like to add authentication to these network calls, how should we do it? Problem I see with these calls are that in the default state, there are no fields which serve like an authentication. Anyone can just grab the required details and make an API call and send data to the report suite.

Has anyone added an authentication layer to it ? Is there a possibility of doing it so that if someone makes a hit without authentication, that data does not get into Analytics.

Cheers,

Abhinav

andylunsford1 · 1/17/24

Hey @abhinavbalooni!

To the best of my knowledge, no one has added an authentication layer to the API (or at least publicly done that) and I think that's by design. If you're wanting an authentication layer, BDIA is probably your best bet. https://developer.adobe.com/analytics-apis/docs/2.0/guides/endpoints/bulk-data-insertion/

Regarding the point you make:

@abhinavbalooni wrote:
Problem I see with these calls are that in the default state, there are no fields which serve like an authentication. Anyone can just grab the required details and make an API call and send data to the report suite.

One thing you could do is dedicate a required prop / eVar in your report suite, and request it be a specific value (don't expose it if you can). From there, all calls that don't match that specific value that you specify, you could set up a processing rule to modify the value of your user agent if you wanted to use bot filtering, or some other metric that you could classify this data as coming from unknown sources. It doesn't stop it from wasting server calls, but it could at least prevent it from muddying up your data!

View solution in original post

andylunsford1 · 1/17/24

Hey @abhinavbalooni!

To the best of my knowledge, no one has added an authentication layer to the API (or at least publicly done that) and I think that's by design. If you're wanting an authentication layer, BDIA is probably your best bet. https://developer.adobe.com/analytics-apis/docs/2.0/guides/endpoints/bulk-data-insertion/

Regarding the point you make:

@abhinavbalooni wrote:
Problem I see with these calls are that in the default state, there are no fields which serve like an authentication. Anyone can just grab the required details and make an API call and send data to the report suite.

One thing you could do is dedicate a required prop / eVar in your report suite, and request it be a specific value (don't expose it if you can). From there, all calls that don't match that specific value that you specify, you could set up a processing rule to modify the value of your user agent if you wanted to use bot filtering, or some other metric that you could classify this data as coming from unknown sources. It doesn't stop it from wasting server calls, but it could at least prevent it from muddying up your data!

abhinavbalooni · 1/17/24

Thanks a lot @andylunsford1 for the response. I did wanted to confirm I am not missing anything on the authentication piece.

On the evar/prop bit, that is an interesting approach. Will try that out as well.

Thanks again.

Abhinav

Adobe Analytics

Data Insertion API - How to add authentication to the calls

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe