Initial Looker Setup Through API

  • 26 September 2019
  • 4 replies

Is there a way to automatically setup a new instance of looker with license and default user through the API, startup options or environment variables?



4 replies

Update to the original task to initialize looker. No API available at this point so we have to follow how looker does the requests.

  1. /setup/license

  2. /eula

  3. Setup the user to use API (Have not gotten this far yet)

Following the post data and that Looker uses CSRF tokens for security. I was able to successfully generate post data for these steps using curl and cookie support.

  1. Get the license request cookie

    curl -kv -c cookies.txt -b cookies.txt “https://${host_name}:9999/setup/license”

  2. Get the token from the cookie

    token=$(grep CSRF-TOKEN cookies.txt | sed ‘s/^.CSRF-TOKEN\s//’)

  3. Post the data for license and registration (parameters must be encoded to use -d)

    curl -kv -c cookies.txt -b cookies.txt -d “csrf-token=${token}&license_key=${license}&first_name=${first_name}&last_name=${last_name}&email=${email}&password=${password}&confirm_password=${password}” -X POST “https://${host_name}:9999/setup/license”

  4. Get the eula request cookie

    curl -kv -c cookies.txt -b cookies.txt “https://${host_name}:9999/eula”

  5. Get the token from the cookie

    token=$(grep CSRF-TOKEN cookies.txt | sed ‘s/^.CSRF-TOKEN\s//’)

  6. Post the data for eula

    curl -kv -c cookies.txt -b cookies.txt -d “csrf-token=${token}&agree=on” -X POST “https://${host_name}:9999/eula”

Should be able to log in at this point.

  1. Setup user API key. In progress…

This is what we did to take care of (I think) most of the steps you covered above.

  1. license/user: Auto-Provisioning a Looker Instance

  2. set up of API - inserted into the looker.script file (in the db folder) a line that sets the CREDENTIALS_API3 value - (you can get the value by manually setting things up and looking at the db file(s) for the related change


The hsql change is tricky as a new instance has a basic .script file and all looker migrations are run and logged into the .log file. On hsql checkpoint, the in memory database is committed to the .script file.

Trying to find out if the user already has an api3 setup is also tricky. I think command line access to the hsql db might be beneficial for this as we could then select for existing first, then do work.

What we need is a new node in the yml provision file to setup api3 for the user.

license_key: "1234-5678-ABCD-EFGH-IJKL"
host_url: ""
first_name: "John"
last_name: "Smith"
email: ""
password: "password123"
client_id: "123"
client_secret: "abc"
Userlevel 6

For reference after the fact, this is now possible via `api-provision.yml`