To start embedding data using REST APIs, enable CORS and content security settings.

The REST API allows you to get data out of ThoughtSpot so you can embed it in a Web page, portal, or application. To access REST APIs, you must authenticate through SAML SSO. For more information on configuring SAML, see SAML SSO.

Cross-Domain Verification

To use REST APIs, you must enable CORS and whitelist your client application domains. This protects your data, so that another website cannot use a URL to get data from ThoughtSpot. For more information on enabling Cross-Origin Resource Sharing (CORS) and whitelisting application domains, see Configure security settings.

Base URI

The base URI for the REST APIs calls includes the following:

  • The hostname or IP address of your ThoughtSpot application instance.

  • Port number

For example:


API service name and version

For REST API calls, in addition to the base URI, append the API service name and the version number.

For example: