SlicingDice Documentation

SlicingDice API Docs

Welcome to the SlicingDice API documentation. You'll find comprehensive guides and documentation to help you start working with SlicingDice as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    Documentation

Query permissions

SlicingDice has support to multiple levels of API keys, as you can read on this page, but imagine you want to allow some application or a specific user to simply query a column or columns, not on the entire table or database.

This is main purpose of the Custom API Key.

Custom API Keys can be configured to allow querying only over specific columns from a database, as determined in the control panel. For instance, you can create a custom API key allowed to query on the columns visited-pages, age and gender, but forbidden to query on username and address column. You can create as many custom API keys as you need.

A custom API key can be one of three levels: read-write, write-only or read-only.

Creating a Custom API Key

Creating a custom API key using the control panel is very easy.

  1. The first step is to click on the Custom API Key section of the panel's menu to access the page containing all custom api keys. Optionally, you can enter on this page directly by accessing this address: https://panel.slicingdice.com/custom_api_keys/.
  1. The second step is to click on the Create a Custom API Key button, located on the top right side of the page.
  1. The third and final step is to fill all necessary fields, such as: API Key Name, API Key Description (Optional), API Key Permission Level (Write, Read or Read & Write), select the database and add the Columns you want to allow for this custom API key. You can also add a Database IP / Domain Address Whitelist (Optional) if you need it. After that, click on the Create button.

Once the custom API key is created, it will automatically appear on the List of Custom API Keys page.

Querying using a Custom API Key

Making queries using a custom API key works the same way of any database read key, there are no special parameters or requirements to use it.

You simply need to put this custom API key on the Authorization header if you are using a cURL request or on the custom_key variable of the SlicingDice's clients/SDKs.

As you can see below, if you try to query a column that is not configured/allowed on the custom API key, the following API error will appear.

{
    "errors": [
        {
            "code": 506,
            "message": "Authentication: Your custom API key does not have permission to operate with the column \"columnName\"."
        }
    ],
    "status": "error"
}

Now, if you configured some IP address or domain whitelist on the custom API key and try to make the request from a different IP or domain, the follow API error will appear:

{
    "errors": [
        {
            "code": 504,
            "message": "Authentication: Remote address not in whitelisted addresses."
        }
    ],
    "status": "error"
}

Query permissions