Credentials and Authentication
Credentials
Contact iplicit support apisupport@iplicit.com to request credentials that provide access to the API endpoints.
You will then be provided with three items that make up the credentials needed to use the API:
- a domain
- a user account name
- an API key
The API Key should be treated as a secret and stored in a secure manner.
API Keys have an expiration date, after which a new key will need to be requested. Multiple API keys can be associated to a user account to allow for periodic rotation of credentials.
Authentication
API requests must be authenticated using a session token bearer token:
Authorization: Bearer <session token>
The session token is obtained by creating a session for a user account providing the API Key credentials to the create session API:
POST https://api.iplicit.com/api/session/create/api
| Parameters | Type | Description |
|---|---|---|
Domain |
Header | The environment domain (e.g.: sandox.demo) |
username, userApiKey |
Body | The user account credentials to create a session for. The credentials are encoded as JSON: Content-type: application/json { |
Example
POST https://api.iplicit.com/api/session/create/api
Domain: sandbox.demo
Content-type: application/json
{
"username": "api_user_10293",
"userApiKey": "8Ga3a9JaXebGbAgdbJUAhwXG8a12mfsj3Gfd"
}
Response:
200 OK
{
"tokenDue":"2022-02-09T11:12:39.64Z",
"sessionToken":"aj4DdxCJ30/1tz8UpCGGyQ02mCPPqoipAQcTvASNQ+VnfKbVTZUKz8",
"domain":"sandbox.demo",
"apiVer":"1.1"
}
The session token can then be used as a bearer token to authenticate subsequent requests:
GET https://api.iplicit.com/api/document/SIN100
Domain: sandbox.demo
Authorization: Bearer aj4DdxCJ30/1tz8UpCGGyQ02mCPPqoipAQcTvASNQ+VnfKbVTZUKz8
The session token should be reused for all future requests until it's expiry date tokenDue.
Updated April 2024