Authentication

Overview

This page describes how to authenticate with the REST API using the Authorization header. The API uses token-based authentication to ensure secure access to resources. Each request to a protected endpoint must include a valid API token in the Authorization header.

Authentication Format

The API requires the Authorization header to be set in the following format:

Authorization: Token <api_token>

Example

If your API token is abcd1234xyz, include the following header in your request:

Authorization: Token abcd1234xyz

How to Obtain an API Token

Login to your Onidel Cloud account.
Navigate to API Key section in the Account Settings.
Generate a new API token if you don't already have one.
Store the token securely, as it is used to authenticate all API requests.

Security Best Practices

Keep Your Token Secure

Never share your API token publicly or include it in client-side code that can be accessed by users.

Whitelist Trusted IPs Only

Configure IP whitelisting to restrict access to known and trusted IP addresses. This adds an additional layer of security, ensuring that only trusted sources can access the API.

Rotate Your API Token Regularly

Periodically regenerate your API token to minimise the impact of potential exposure.

Use Environment Variables

Store your API token in environment variables or a secure secret manager to keep it out of your codebase.

PreviousChangelog NextOS Template

Last updated 1 month ago