19 Manage Essbase Using the MaxL Client

MaxL is a multi-dimensional database access language for Essbase.

To run MaxL scripts or statements, you must use the MaxL Client to issue the statements over HTTP or HTTPS.

Prerequisites to Set Up the MaxL Client

Complete these tasks before you download and use the MaxL Client. To execute MaxL scripts or statements, you must be a power user or administrator.

To prepare for using the MaxL Client,
  1. Get the URL for the Essbase instance from your Service Administrator. Its basic format is:
  2. Using a web browser or cURL, test that you can reach the discovery URL from the client host. A discovery URL is the URL provided by your Service Administrator, with /agent appended to the end.Here is a cURL example:
    curl --tlsv1.2
  3. Set up the SSL certificate, if applicable to your organization.
    • If you’re using one of these deployment types, a Trusted CA Signed SSL Certificate is included:
      • Oracle Analytics Cloud

      • Oracle Analytics Cloud with Identity Cloud Service (IDCS) and Load Balancing

      • Cloud at Customer with Load Balancing

    • If you’re using Oracle Analytics Cloud or Cloud at Customer with LDAP (without Load Balancing), use a self-signed certificate.
    • If you're using Essbase deployed on Oracle Cloud Infrastructure, see Set Up the SSL Certificate.
  4. To check if a certificate is trusted, paste the discovery URL into a web browser. If https is green or a label says “Secure,” it is trusted. If https is red or a label says “Not secure,” it is untrusted.
  5. If the certificate is untrusted (self-signed), import it to the client trust store (cacert.pem).
  6. The client verifies the server’s digital certificate using a provided ca-bundle certificate store. Provide the ca-bundle location by specifying the environment variable:
    API_CAINFO=CA certificate file path;
    If the path is not provided, the Essbase Runtime Client will try to get ca-bundle from the default OpenSSL installation location (applicable for Linux and Macintosh).

    Oracle Data Visualization clients and MaxL Client include a ca-bundle (cacert.pem).

    If you need a ca-bundle (cacert.pem), you can also download it. One sample source is: https://curl.haxx.se/docs/caextract.html.

Download and Use the MaxL Client

The Essbase MaxL Client enables you to use MaxL over HTTP or HTTPS. MaxL is an administrative, language-based interface for managing cubes and artifacts. Be sure you are using the latest client version provided in the Console, as older, previously downloaded versions may not work correctly.

To run MaxL statements, you must be a power user or an administrator. Before you download the MaxL Client, see Prerequisites to Set Up the MaxL Client.

If you’re a federated SSO user in Oracle Identity Cloud Service, logging in using MaxL or CLI is not supported. Federated SSO login requires a browser window. Create a native Identity Cloud Service user, and use that instead to log in using MaxL or CLI.

  1. In the Essbase web interface, click Console.

  2. In the Console, go to MaxL Clients.

  3. Click Download Image of the Download icon. next to the MaxL Client that is appropriate for your platform.

  4. Save the compressed EssbaseMaxl file to your local drive.

  5. Extract the contents of the compressed file to a folder.

  6. If you’re using a proxy, you must set the correct proxy in the MaxL execution script, startMAXL.bat or startMAXL.sh. The following example, applicable for editing startMAXL.sh for UNIX, tells MaxL to use the designated proxy (proxy.example.com), but to bypass using a proxy for the specific destinations listed in the exception list (, localhost, and something.example.com).

    export https_proxy=http://proxy.example.com
    export no_proxy=,localhost,something.example.com

    For Windows, startMAXL.bat can be edited similarly but with different syntax.

    set proxy proxy-server="https://proxy.example.com" bypass-list=";localhost;*.example.com"
  7. If you're using Essbase deployed on Oracle Cloud Infrastructure and are using a self signed certificate, you must disable peer verification in the MaxL execution script. Caution: this solution should be only temporary, until you can obtain a trusted CA certificate. Here is an example using bash (for startMAXL.sh):

  8. Run the startMAXL batch or shell script. A command prompt opens, the environment setup completes, and the MaxL Client starts up.

  9. Log in by providing your credentials and the Essbase URL in the MaxL login statement.

    In the following example, the user logging in, admin1@example.com is an Identity Cloud Service administrator who was set as the initial Essbase administrator during Essbase stack deployment on Oracle Cloud Infrastructure. As the password is not entered in this example, the administrator will be prompted to provide it next. The URL is the essbase_url from the job outputs resulting from the stack deployment.

    login admin1@example.com on "";

    Any Identity Cloud Service user provisioned to work with Essbase can log in to MaxL, as long as they are provisioned as a power user or administrator.

  10. Execute an interactive MaxL statement.

    For example:

    display database all;

To learn more about MaxL, see MaxL Statement Reference.