This article is for legacy users since API keys have been deprecated. Learn how to use OAuth keys, which are our preferred authentication method.
If you haven’t already, check out our authentication overview. This article contains instructions for how to authenticate a source with a legacy API key.
- Log in to the Redox dashboard.
- From the navigation menu, click the Developer page.
- By default, the Developer page opens and displays the API Keys tab.
- Any created API keys display. The top section contains OAuth keys and the section below contains legacy keys. To create a legacy key, click the Create API Key button. If you want to configure an existing API key, click the Edit button next to it. Then skip to step 6.
- A modal opens with API key details. In the Name field, enter the API key name. If you're a new user, you won't be able to create a legacy key.
- If you're an existing user with legacy keys, radio buttons display for Legacy and OAuth options. Select the Legacy radio button.
- Click the Add button.
- The Settings page displays. Copy the API key value and generate a new secret value to send a request for an access token.
- Use the following request:
Example: Request for generating an access tokenUse the accessToken (in the first line of the response) to authenticate in later steps. Take note of the expires value, which contains the exact date and time that your access token expires. Access tokens expire 24 hours after retrieval. Then use the refreshToken to retrieve a new access token after this one expires. See the details for refreshing your token further down below.
Example: Response for generating an access token401 error code
- Authenticate your request. The Data Model API relies on Oauth 2.0 Bearer to authenticate requests. All requests via the Data Model API must contain an Authorization header with a valid access token in the following format: Authorization: Bearer [your-accessToken]
Example: Authorization header for a request
After successfully authenticating, you can initiate requests to any endpoints you have verified. If you want to send test requests, you can send them to https://api.redoxengine.com/endpoint.
Every Data Model API request must contain these headers and body parameters.
The token that authenticates your request. This header is required.
The value that identifies the type of API call.
The data model corresponding to the type of data you're sending or requesting.
The event type of the data model that you're sending or requesting. Learn more about event types.
The identifier for the source sending the outgoing request. This parameter is required if you have more than one legacy API key. Learn more about identifying a source.
Objects with ID value(s) of the endpoint(s) you're sending data to or the endpoint you're requesting data from.
A request should generally look like this:
Example: General request
You can use the refresh token returned from the most recent authentication request to retrieve a new access token via the refresh token endpoint:
Example: Request for refreshing an access token
The object returned for a successful response is the same as that for the original access token retrieval request noted above.
If either your API key or secret value are exposed, you must generate a new secret value. Learn how to generate a new secret value.