Aristotle Token Question

I have generated a read only token for use with making API calls. I have noticed that if make a call with a browser where I am currently logged into my Aristotle registry account I get the expected number of results returned (albeit paginated). When I use the same call on a browser where I am not signed into my account I only get the publicly available records, in fact I get this result when making the call without my token.

Is this expected behavior?

My call is

I expect to have returned >21k results
I get the correct number of results when I am logged into my account on the same browser.
If I am not logged in I get 112 results which is the same result set (metadata items at public restriction) I get when I make the call without including my token

**My actual token is redacted :smiley:

Hi Adrian,

Are you including the token authorisation in your header when you’re submitting the request through outside of your browser session?

Submitting via a browser will use your active logged in credentials from your browser session. You can find the header details on the top right of the api v4 documentation which gives you the below:


Without specifying the authentication token key there you’ll only be able to query the publicly available information as Aristotle won’t carry through your permissions to the API call.

1 Like

Thank you for the information. After reading your post I have just place my authorization token in the value box as described.

I have just opened the URL as published above (with my read token) in a browser where I have not signed into the registry and I am still getting only the public results not the full result set expected.

I think my use of the ?t=token is incorrect, but it was what I was reading here when trying to connect Power BI to Aristotle. The format they specified was

You can replace it with a link like “http://[school][token returned from previous step]” in your link.

The URL I am using is

The authorisation doesn’t appear to be being honoured from there, but was shown as an indication of what you’ll need to include in your header in your requests.

When using the api from a programming language you’ll want to use something like the below for python which should return a dictionary with the first 50 datasets in your repository you can see:

import requests

page_size = 50

url = "http://{your_site_here}/api/v4/metadata"
token = "your_token"


res = requests.get(url, headers=headers, params=dict(page=1, page_size=page_size))


Not sure which specific language you’re trying, but the browser seems to just require you to log in normally to be able to use the API via browsers.

1 Like

Thank you Waylon, sadly I am not programmatically trying to access the Aristotle data I am trying to connect Microsoft Power BI to the data. I will keep thinking about this problem and see how I go. More information to come :smiley:.

You should be able to use a rest api connector with support for header authentication in Power BI (lots of options come up on google). I’d be surprised if they don’t support a similar sort of authentication though it may require setting up a service account or other support from your IT area.

Yes, the API is set up to allow people to access the same metadata they can get through the site. This means that unauthenticated user can still use the API to access public metadata.

The Aristotle API doesn’t allow you to pass the token via a query parameter, so the t=readtoken won’t actually be used by Aristotle to authenticate you. This is for security purposes as the token acts like a password.and if its passed as part of the URL it can get logged in certain places, such as proxies and caches.

I had a quick look and it looks like you can pass a standard HTTP Authentication Header from PowerBI based on the link below:

1 Like