Private data mode (PDM) is a feature within the platform that allows us to protect our data on sandboxes from accidentally being seen by end-users.

Sometimes you would like to access information from the data-API that is considered restricted for end-users in a sandbox. You will bump into the error kind: “PDM”

Because you are working in a sandbox, you are always in need of a data_api_cookie. This information serves for logging in as a Betty user. Private Data Mode is turned on by default on any sandbox. The reason it is turned on is that we want to provide your application with a form of protection. With PDM turned off, external sources could access possible sensitive information. We still recommend that you use dummy-data in your sandbox applications.

In the previous topic about Getting Started with the data API, you have learned where you can set your HTTP Headers and what kind of format is needed.

We need to store this bearer token/data_api cookie like mentioned in the documentation.

The first and easiest way to generate a data_api_cookie is to log out of your Betty blocks account.

You can find the log-out button at the bottom left of your My Betty blocks page, or in the IDE.

After being logged out, you will have to log in again and refresh all the pages that are Betty blocks related. Including the GraphQL playground.

The second way is to have a pagebuilder page that is sending out a request to the Data-API. This is the preferred way and is suggested to follow by our Product department.

To do this, you would have to use a Datacontainer component on your canvas that is asking information from one of your models.

The value format of the data_api_cookie will look something like this:

The last method is to follow the redirect URL the data-API returns.

Important note: The URL does not have a redirect_uri parameter yet. This needs to be added by the user. Copy the URL the data-API provides and add a return parameter in the URL like so:

https://id.bettyblocks.com/oauth2/authorize?url=https%3A%2F%2Fid.bettyblocks.com&client_id=1234554321&redirect_uri=https%3A%2F%2Ffusionauth-dispatcher.betty.services%2Foauth%2Fbuilder&response_type=code&scope=offline_access&state=4ab3574415b741ddbde97c90abcdefg%2C{{your_application_name}},{{the URL you want to be redirected to}}

This will redirect you to the last URL provided, where you will have to log in.

If none of the above steps seem to work, there is a workaround to manually add your data_api_cookie to your cookies.

For this, we need to use the command cookieStore.set() function, and we need to use the Console.

The cookieStore.set function is a function that sets a cookie in your browser. You can find more information on the Develop mozilla cookieStore page.

We are going to copy the steps from our second step, but instead of setting the value of your “Cookie” into your HTTP Headers, we are going to insert this as a cookie directly into your browser.

You can do this, by using the following command in your Console by inspecting your page (F12, or Right click --> inspect) and press “Esc”:

Note: Make sure your values are in a JSON format as well.

cookieStore.set('data_api_cookie','{"4ab3574415b741ddbde97c90a3aff547":"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhcHBfdXVpZCI6IjRhYjM1NzQ0MTViNzQxZGRiZGU5N2M5MGEzYWZmNTQ3IiwiYXVkIjoiSm9rZW4iLCJidWlsZGVyIjp0cnVlLCJleHAiOjE2OTIyNzg3NjUsImlhdCI6MTY5MjI3NTE2NSwiaXNzIjoiSm9rZW4iLCJqdGkiOiIydHUybWl2Z2VqdWwwbXZxcHMwMDBuYzUiLCJuYmYiOjE2OTIyNzUxNjV9.abc123abc123"}')

If you did this correct, your console will return: Promise {<pending>}

After following these steps, we now have access to your private information!