API key

Authenticating using API keys

The API keys can be sent using one of following methods:

As a request header
As a parameter in the request URL (with the former preferred for security reasons).

Using an HTTP header

This is the recommended method of sending your API key because, whilst still not secure if sent over an unencrypted connection, it is less likely to be logged as part of the URL:

API Key in HTTP header example:

POST /south/v80/devices/YOUR-DEVICE-ID/collect/dmm
Host: [api.opengate.es]
X-ApiKey: YOUR-API-KEY-HERE

The API key is sent using the X-ApiKey HTTP header. An example of POST request may look like this:

curl --request POST \
     --verbose \
     --header "X-ApiKey: YOUR-API-KEY-HERE" \
     --header "Content-type: application/json" \
     --data-binary @device.json \
     http://api.opengate.es/north/v80/provision/organizations/{organizationName}/devices

As a request parameter

Parameter Name	Value
X-ApiKey	YOUR_API_KEY_HERE

http://api.opengate.es/south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HERE

API key as URL parameter example:

POST /south/v80/devices/{device.id}/collect/dmm?X-ApiKey=YOUR-API-KEY-HERE
Host: [api.opengate.es]