Applicable Versions: 5.50.0078 and above


With version 5.50.0078 DataPA Enterprise was changed to only accept the username and password in the message body (post request) of a request by default. This was to ensure the username and password would be encrypted when passed across an SSL connection and so protect the security of the application.


We highly recommend customers embedding dashboards in their website or application, and passing a username and password to facilitate single sign on use a post request to pass the login details. However, if you do require the ability to pass the username and password in the URL, adding the application setting allowAutoLoginQueryString=true to the DataPA web application will allow this.


From version 6.00.0192:

The username and password may be obfuscated as Base64 if the additional parameter "obfuscated" is set to "true".  For example, in Javascript, use the function btoa() to convert a string to Base64.


You may also send the username and password in the HTTP Headers.  Use the headers "x-dpauser",  "x-dpapassword" and optionally "x-dpa-obfuscated"


Useful Links

How can I get the URL for a dashboard, report or query published to DataPA Enterprise so I can use it in my own web application?

How can I pass a parameter to a dashboard using the URL?

Creating application settings in IIS