API key
Authenticating using API keys
This option can be disabled through configuration in all interfaces, with the exception of those used for device integration. The API keys can be sent using one of following methods:
- As a request header
- As a parameter in the request URL (with the former preferred for security reasons). This option is only available for device integration
Using an HTTP header
This is the recommended method of sending your API key. While it is not secure if sent over an unencrypted connection, it is less likely to be logged as part of the URL:
API Key in HTTP header example:
POST /south/v80/devices/YOUR-DEVICE-ID/collect/dmm
Host: [api.opengate.es]
X-ApiKey: YOUR-API-KEY-HERE
The API key is sent using the X-ApiKey
HTTP header. An example of POST
request may look like this:
curl --request POST \
--verbose \
--header "X-ApiKey: YOUR-API-KEY-HERE" \
--header "Content-type: application/json" \
--data-binary @device.json \
http://api.opengate.es/north/v80/provision/organizations/{organizationName}/devices
As a request parameter
Parameter Name | Value |
---|---|
X-ApiKey | YOUR_API_KEY_HERE |
http://api.opengate.es/south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HERE
API key as URL parameter example:
POST /south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HERE
Host: [api.opengate.es]