API Authentication and Authorization

Introduction

To access our API, you'll utilize a two-tiered security approach, combining API Key and OAuth 2.0.

When you create your an account with us, we provide you both your API Key and your OAuth2 credentials details.

• API Key Authorization (Account-Wide Access Control):

  • Your API key acts as the master key for your entire customer account. It authorizes access to all available API resources. This key is designed to manage the overall usage and entitlement for your account. All applications and users operating within your account will share this single API key, simplifying account-level access management. This is designed for controlling the usage of the api as a whole, for your account.

• OAuth 2.0 Authentication (Granular User/Application Authorization):

  • Within your account, OAuth 2.0 enables fine-grained authorization control. It allows you to create multiple users or application clients, each with specific permissions (scopes), granting only the necessary permissions to each user or application. Even though all users/applications within your account use the same account-wide API key, OAuth 2.0 ensures that each interaction is authorized with the minimum required access. This is designed for controlling what each user, or application can do within the account.
  • You will need at least 1 Client App in your account. A default Client App will be created for you when you sign up.

Navigate to each respective section for detailed explanation how to obtain and use your API Key and your OAuth2 Client App Credentials.