API key
Authenticating using API keys
This option can be disabled through configuration in all interfaces, with the exception of those used for device integration. The API keys can be sent using one of following methods:
- As a request header
- As a parameter in the request URL (with the former preferred for security reasons). This option is only available for device integration
Using an HTTP header
This is the recommended method of sending your API key. While it is not secure if sent over an unencrypted connection, it is less likely to be logged as part of the URL:
API Key in HTTP header example:
POST /south/v80/devices/YOUR-DEVICE-ID/collect/dmm
Host: [api.opengate.es]
X-ApiKey: YOUR-API-KEY-HEREThe API key is sent using the X-ApiKey HTTP header. An example of POST request may look like this:
curl --request POST \
--verbose \
--header "X-ApiKey: YOUR-API-KEY-HERE" \
--header "Content-type: application/json" \
--data-binary @device.json \
http://api.opengate.es/north/v80/provision/organizations/{organizationName}/devicesAs a request parameter
| Parameter Name | Value |
|---|---|
| X-ApiKey | YOUR_API_KEY_HERE |
http://api.opengate.es/south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HEREAPI key as URL parameter example:
POST /south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HERE
Host: [api.opengate.es]