API Keys

The API Key Authentication is an alternative to Http Basic Authentication, that improves authentication security by replacing user's credentials for a random generated key. This key does not contain any sensitive data, so key may be stored on 3rd party location.

Content:

Resource information

Url https://api.profit365.eu/1.4/company/security/apikeys
Authentication required
Access level company
Response JSON / XML
Class

Usage of the API Key

There are two types of API Key:

  • user key, which current user generates for himself. Key replaces only user's credentials. An optional company identification is used in request. User keys are not not generated by this resource.
  • user-and-company key, which current user generates for any user and current company. This key replaces user's credentials and company identification. An optional company identifiaction in request is not allowed. User-and-company keys are generated by this resource.

 

Generate new API Key

Url https://api.profit365.eu/1.4/company/security/apikeys
Method POST
Content A new API Key Data
Example POST https://api.profit365.eu/1.4/company/security/apikeys

Authorization: Basic *** hidden credentials ***
ClientID: ad49563b-9660-4c5b-8185-7d5779907de2
ClientSecret: j7896WnI0U1...
CompanyID: 12e40022-0be4-4eec-8840-3d288f0a09b8
Content-Type: application/json

{
"userName": "john.doe@company.com",
"ipAllowed": [ "53.77.251.145",
"53.77.251.146",
"53.77.251.147"
]
}

API Key Data

userName

required

Username of the user, whose identity is assigned to API key.

Type: string

request, response

key

required

The API Key

Type: string

response

ID

required

An ID of the key

Type: GUID

response

ipAllowed

optional

Whitelist of IP addresses

Type: string array

request, response

ipDenied

optional

Blacklist of IP addresses

Type: string array

request, response