Authentication logic - API key
To establish connectivity with an Inspectorio Server API, you can now use an
What is an API Key?
An applicaton programming interface key (API Key) is a unique code, primarily used to identify the calling program or its user. An API Key identifies and validates the source of an API request.
Inspectorio’s API Keys are
non-guessable. API Keys that are generated by Inspectorio use
special characters and they don’t expire unless removed.
Why do we use API Key?
To establish connectivity with an Inspectorio API, you must authenticate your request.
With this authentication logic, you can use an API Key to make the integration between Inspectorio APIs and your server easier, specifically not having to refresh tokens after a certain amount of time. Moreover, it is one of the most secure authentication methods in practice.
How do I generate my API Keys?
You manage your API Keys within the Inspectorio Rise web platform, accessible via web browser. An
Account Owner of your organization on the Inspectorio Rise platform has access to create and manage API Keys.
This API key management page will be displayed in the
View Organization Settings of your account:
An API Key will be generated and activated when you click on button Create API Key in the Inspectorio Rise platform.
By using this API Key feature, you can:
multipleAPI Keys for your organization
a descriptionfor each API Key
Removeany API Key from Inspectorio platform (The removed API Key cannot be used to authenticate your request to Inspectorio Server API anymore).
API Key identification and storage
An organization can have
multiple API Keys. The API Keys are
secure and usable only within one organization. You cannot use one organization’s Key to send an API request for another organization.
Please make sure you store your
API Keys safely somewhere right after it created because Inspectorio will not store any API Key, and we cannot restore it for you.
When you navigate back to the API Key feature, your API Key will be shown as
hidden text. We just display
the prefix as a hint in case you want to remove this API Key.
We recommend that you add a description for each API Key so you can track the purpose of each Key. This will ensure that you do not make a mistake when removing a Key later on.
How do I authenticate my request by API Key?
As soon as your API Key has been generated from within the Inspectorio Rise platform, you can use this Key to authenticate your Inspectorio API’s requests by adding the header key:
apiKey with the value of the created key.
The API Key will be valid until it is removed from your API Key Management page, or the creator is removed from the Inspectorio Rise platform. If you try to authenticate with the
wrong API Key value or an
API Key already removed from the Inspectorio Rise platform, then you will see the
following error message in the request body.
"message": "API Key is invalid"