Authentication
The MT2Data Datalake Gateway uses OAuth 2.0 Client Credentials flow for authentication. You receive a client_id and client_secret from MT2Data, exchange them for a short-lived access token, and include that token in all API requests.
Base URL: https://datalake.mt2data.cloud
Your Credentials
You will receive credentials from MT2Data:
| Field | Description |
|---|---|
| Client ID | Your service account identifier |
| Client Secret | Secret key — keep secure, treat like a password |
| Token Endpoint | https://datalake.mt2data.cloud/oauth/token |
Step 1 — Get an Access Token
curl -X POST https://datalake.mt2data.cloud/oauth/token \
-H "Content-Type: application/json" \
-d '{
"grant_type": "client_credentials",
"client_id": "your-client-id",
"client_secret": "your-client-secret"
}'
Response:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600
}
Tokens are valid for 1 hour (3600 seconds).
Step 2 — Use the Token
Include the access token in the Authorization header on all API requests:
curl https://datalake.mt2data.cloud/catalog \
-H "Authorization: Bearer <your-access-token>"
Token Expiry & Refresh
When a token expires you will receive a 401. Request a new token via Step 1.
Best practice: track expires_in in your application and refresh the token ~60 seconds before expiry to avoid interruption. See Code Examples for complete implementations with automatic token refresh.