SQL Server API

Connect to Microsoft SQL Server databases as live data sources for document generation and email campaigns.

---

Base URL

https://app.datapublisher.io/api/sql-server

---

Authentication

All endpoints require JWT authentication via Authorization: Bearer header.

---

Overview

The SQL Server API allows you to:

• Connect to SQL Server instances (on-premises or Azure)

• Store encrypted connection credentials

• List databases, tables, and views

• Execute SELECT queries for data retrieval

• Import query results as CSV files

• Test connections before saving

Supported Versions:

• SQL Server 2016+

• Azure SQL Database

• Azure SQL Managed Instance

Authentication Methods:

• SQL Server authentication (username/password)

• Windows authentication (integrated security)

• Connection strings

---

Connection Management

Connect to SQL Server

Create a new SQL Server connection.

Endpoint: POST /connect

Headers:

Authorization: Bearer 
Content-Type: application/json

Request Body (SQL Authentication):

{
  "name": "Production Database",

  "server": "sql.company.com",

  "database": "SalesDB",

  "username": "app_user",

  "password": "secure_password",

  "port": 1433,

  "encrypt": true,

  "trustServerCertificate": false

}

Request Body (Windows Authentication):

{
  "name": "Internal Database",

  "server": "SQLSERVER01",

  "database": "InventoryDB",

  "integratedSecurity": true,

  "port": 1433,

  "encrypt": true,

  "trustServerCertificate": true

}

Request Body (Connection String):

{
  "name": "Azure SQL Database",

  "connectionString": "Server=tcp:myserver.database.windows.net,1433;Database=mydb;User ID=admin@myserver;Password=pass;Encrypt=yes;TrustServerCertificate=no;"

}

Response (200 OK):

{
  "success": true,

  "message": "Connected to SQL Server successfully",

  "dataSourceId": "uuid",

  "testResult": {

    "success": true,

    "message": "Connection test successful",

    "serverVersion": "Microsoft SQL Server 2019 (RTM) - 15.0.2000.5",

    "databaseName": "SalesDB"

  }

}

Error Responses:

400 Bad Request - Missing required fields:

{
  "error": "Either connectionString OR (server + database) required"

}

400 Bad Request - Connection test failed:

{
  "error": "Connection test failed",

  "message": "Login failed for user 'app_user'"

}

---

Test Connection

Test SQL Server connection without saving.

Endpoint: POST /test

Headers:

Authorization: Bearer 
Content-Type: application/json

Request Body: (Same as /connect)

Response (200 OK):

{
  "success": true,

  "message": "Connection test successful",

  "serverVersion": "Microsoft SQL Server 2019",

  "databaseName": "SalesDB",

  "connectionTime": "45ms"

}

---

List Databases

Get list of databases on connected SQL Server.

Endpoint: GET /databases

Headers:

Authorization: Bearer 

Response (200 OK):

{
  "success": true,

  "databases": [

    {

      "name": "master",

      "size": "6.00 MB",

      "owner": "sa"

    },

    {

      "name": "SalesDB",

      "size": "250.50 MB",

      "owner": "app_user"

    },

    {

      "name": "InventoryDB",

      "size": "125.25 MB",

      "owner": "app_user"

    }

  ],

  "count": 3

}

Notes:

• Requires VIEW ANY DATABASE permission

• System databases (master, model, msdb, tempdb) included

• user databases accessible based on permissions

---

List Tables

Get list of tables and views in a database.

Endpoint: GET /databases/:databaseName/tables

Headers:

Authorization: Bearer 

Path Parameters:

• databaseName: Database name

Response (200 OK):

{
  "success": true,

  "database": "SalesDB",

  "tables": [

    {

      "schema": "dbo",

      "name": "Customers",

      "type": "TABLE",

      "rowCount": 1500

    },

    {

      "schema": "dbo",

      "name": "Orders",

      "type": "TABLE",

      "rowCount": 3200

    },

    {

      "schema": "dbo",

      "name": "Products",

      "type": "TABLE",

      "rowCount": 450

    },

    {

      "schema": "dbo",

      "name": "vw_CustomerOrders",

      "type": "VIEW",

      "rowCount": null

    }

  ],

  "count": 4

}

---

Get Table Schema

Retrieve column information for a specific table.

Endpoint: GET /databases/:databaseName/tables/:tableName/schema

Headers:

Authorization: Bearer 

Path Parameters:

• databaseName: Database name

• tableName: Table name (include schema: "dbo.Customers")

Response (200 OK):

{
  "success": true,

  "database": "SalesDB",

  "table": "dbo.Customers",

  "columns": [

    {

      "name": "CustomerID",

      "type": "int",

      "maxLength": null,

      "nullable": false,

      "isPrimaryKey": true

    },

    {

      "name": "CompanyName",

      "type": "nvarchar",

      "maxLength": 100,

      "nullable": false,

      "isPrimaryKey": false

    },

    {

      "name": "Email",

      "type": "nvarchar",

      "maxLength": 255,

      "nullable": true,

      "isPrimaryKey": false

    },

    {

      "name": "TotalSales",

      "type": "decimal",

      "maxLength": null,

      "nullable": true,

      "isPrimaryKey": false,

      "precision": 18,

      "scale": 2

    }

  ]

}

---

Data Operations

Execute Query

Execute a SELECT query and retrieve results.

Endpoint: POST /query

Headers:

Authorization: Bearer 
Content-Type: application/json

Request Body:

{
  "databaseName": "SalesDB",

  "query": "SELECT TOP 100 CustomerID, CompanyName, Email, TotalSales FROM dbo.Customers WHERE TotalSales > 10000 ORDER BY TotalSales DESC",

  "timeout": 30

}

Response (200 OK):

{
  "success": true,

  "columns": ["CustomerID", "CompanyName", "Email", "TotalSales"],

  "data": [

    {

      "CustomerID": 1001,

      "CompanyName": "Acme Corp",

      "Email": "contact@acme.com",

      "TotalSales": 145000.50

    },

    {

      "CustomerID": 1005,

      "CompanyName": "TechStart Inc",

      "Email": "info@techstart.com",

      "TotalSales": 98000.00

    }

  ],

  "rowCount": 100,

  "executionTime": "125ms"

}

Security:

• Only SELECT queries allowed

• No INSERT, UPDATE, DELETE, DROP, etc.

• Query validated before execution

• Timeout enforced (default: 30 seconds)

Error Responses:

400 Bad Request - Invalid query:

{
  "error": "Only SELECT queries are allowed"

}

500 Internal Server Error - Query execution failed:

{
  "error": "Query execution failed",

  "message": "Invalid column name 'TotalSale'"

}

---

Import Query Results

Execute query and import results as CSV file.

Endpoint: POST /query/import

Headers:

Authorization: Bearer 
Content-Type: application/json

Request Body:

{
  "databaseName": "SalesDB",

  "query": "SELECT * FROM dbo.Customers WHERE Region = 'West'",

  "fileName": "west-customers.csv",

  "description": "Customers in Western region",

  "tags": ["customers", "west", "sql-server"]

}

Response (200 OK):

{
  "success": true,

  "fileId": "csv-file-uuid",

  "fileName": "west-customers.csv",

  "rowCount": 350,

  "columnCount": 12,

  "message": "Query results imported successfully"

}

---

Connection Management

List Connections

Get all SQL Server connections for the user.

Endpoint: GET /connections

Headers:

Authorization: Bearer 

Response (200 OK):

{
  "success": true,

  "connections": [

    {

      "id": "uuid",

      "name": "Production Database",

      "server": "sql.company.com",

      "database": "SalesDB",

      "isActive": true,

      "createdAt": "2026-01-15T10:00:00Z",

      "lastUsedAt": "2026-02-12T09:30:00Z"

    }

  ],

  "count": 1

}

---

Update Connection

Update connection settings (not password).

Endpoint: PUT /connections/:connectionId

Headers:

Authorization: Bearer 
Content-Type: application/json

Request Body:

{
  "name": "Updated Connection Name",

  "database": "NewDatabase"

}

Notes:

• Cannot update server, username, or password

• To change credentials, delete and recreate connection

---

Delete Connection

Remove SQL Server connection and credentials.

Endpoint: DELETE /connections/:connectionId

Headers:

Authorization: Bearer 

Response (200 OK):

{
  "success": true,

  "message": "Connection deleted successfully"

}

---

Security Features

Credential Encryption

• All credentials encrypted using AES-256

• Encryption key stored in environment variables

• Per-user isolation prevents cross-user access

Query Restrictions

• Only SELECT statements allowed

• No data modification (INSERT/UPDATE/DELETE)

• No schema changes (CREATE/ALTER/DROP)

• Query timeout enforced

• Result set size limits

Network Security

• SSL/TLS encryption supported

• Azure SQL requires encrypted connections

• Trust server certificate option available

---

Rate Limiting

• Connection operations: 100 per 15 minutes

• Query execution: 500 per 15 minutes

• Large queries: Consider pagination and limits

---

Common Error Codes

| Status Code | Description |

|-------------|-------------|

| 400 | Invalid connection parameters or query |

| 401 | Unauthorized - invalid JWT |

| 403 | SQL Server authentication failed |

| 404 | Connection, database, or table not found |

| 408 | Query timeout exceeded |

| 500 | SQL Server error or internal error |

---

Best Practices

Use Views: Create database views for complex queries

Limit Results: Use TOP or pagination in queries

Index Tables: Ensure tables have proper indexes

Test First: Always test connection before saving

Credentials: Use least-privilege accounts

Encryption: Always use encrypted connections for production

Timeout: Set appropriate query timeouts

Error Handling: Handle connection failures gracefully

---

Related Documentation

• Google Sheets API - Google Sheets integration

• Microsoft Excel API - Excel integration

• Data Sources API - Data source management

• Data Sync API - Automated synchronization

• CSV Upload API - CSV file management