Call us now on 01772217772

API: Increase Security With The API Key



Tagged with security, api, api key
by Paddy Green
in Documentation

15-Oct-2015 12:56



When making your API calls (via the XML API or HTTP API) to TextGoto, you can increase your security by generating an API Key which you can use instead of a userid/password combination. This also has the advantage of being distinct from your userid/password, so if you change your password your API calls will continue to work.

You can also restrict the IP addresses that can use your API Key, preventing misuse and helping to ensure that your API calls do actually originate from your systems.

Generating Your API Key

Generating your API Key is simple:

  1. Log in to TextGoto
  2. Go to your account page
  3. Locate the API KEY panel
  4. Select "Generate/Replace API Key"

A 32 character API Key will be generated which you can then copy and paste into your API code.

Limiting IP Access

You can define the IP addresses that are allowed to use API Key by entering a list of IPv4 addresses into the IP address box and selecting "Save IP List". This list will then be used to confirm/deny permission for any call made to the APIs using your API Key.

If you don't define an IP list, then any IP address will be able to use your API Key.

API Keys And The XML API

In the XML API, simply replace the normal header with the User ID and Password with the alternative header below.

<campaign> <header apikey="[your API Key]" action="[function]"/> <body> [request body XML] </body> </campaign>
API Keys And The HTTP API

In the HTTP API, simply replace your "u" and "p" variables (in the form post or querystring) with an "a" variable containing the API Key, so a GET request would look as follows:

http://textgoto.com/api/webapi.aspx?m=[MESSAGE]&n=[NUMBER]&a=[APIKEY]