Back to feed
GCP·Lookerannouncement·
AI Insights

To enhance security, the Looker language SDKs and the Looker API /login endpoint are being modified.

To enhance security, the Looker language SDKs and the Looker API /login endpoint are being modified. They will exclusively accept passing credentials in the HTTP request body and will no longer support using URL query parameters.

Release date: This update is expected to take effect with the Looker 26.18 release in October 2026.

Potential impact: Any scripts or applications currently passing credentials in the URL query parameters in the Looker SDK libraries, or directly calling the /login API endpoint, will fail after this update.

Who is affected: All customers using Looker SDKs, custom scripts, or applications that call the /login API endpoint directly.

Action required:

We have sent a message to your affected customers. However, to help avoid service disruptions, please recommend that they evaluate their environment and take the following actions before October 2026:

• Upgrade SDKs: Upgrade the Looker SDKs to version 26.4 or later as soon as possible. • Update custom scripts: Modify any scripts or applications that rely on passing Looker API credentials in URL query parameters so that they will pass credentials in the HTTP request body. • Test the environment: Validate these changes in an environment that can identify these potential misconfigurations.

Read original announcement

More from Looker

Available in preview, you can chat with Conversational Analytics data agents in user-defined dashboards and in LookML dashboards.Mar 30, 2026Now generally available, Looker has full support for connections with AlloyDB for PostgreSQL.Mar 30, 2026Available in preview, you can publish the Conversational Analytics data agents that you create in Looker to Gemini Enterprise.Mar 30, 2026Available in preview for Looker (Google Cloud core), you can now track end-to-end data lineage from BigQuery to Looker...Mar 30, 2026