πŸ”‘ API Security

Our APIs use a simple authentication mechanism to ensure secure access using a custom http header.

Authentication Header

To authenticate with our APIs, each request must include an http header named 'X-Auth-Token', where you provide your token. This token acts as a key to identify and authorize your access to our systems.

X-Auth-Token: {APITOKEN}

Postman Configuration:

πŸ“† Token Expiration Dates

Test Tokens: are valid for 12 months, from the date of issue.

Production Tokens: are valid for 10 year, from the date of issue.

🚦 Token Boundaries

Each API token provides access to one specified system instance (one operator). The token can be issued only by consent of the given operator's system administrator.

If you wish to access data of more than one operator, you'll need a token per each operator.

If you wish to run more applications within one operator's instance, you'll need one token for each application.

πŸ” Token Access Rights

Each token is set with predefined rights to access certain API endpoints and execute exactly defined API methods.

Token's access rights are set up by FL3XX.

🚧

⚠️ Important

FOR PRODUCTION ENRIRONMENT: Each API token provides access to one specified system instance (one operator). The token can be issued only by consent of the given operator's system administrator.