Specifying a Key in an API call
API Keys can be provided via a query string or via the Authorization HTTP Header.
Providing a Key in the HTTP Authorization Header (recommended)
Specify the Authorization header like this:
Authorization: Key=your-auth-key
Providing a Key in the URL query string (not recommended)
Append the query string auth-key to the request URL. For example, if you are invoking this Workflow:
https://api.tforge.co.za/test/
Provide the API Key like this:
https://api.tforge.co.za/test/?auth-key=your-auth-key
Note that we do not recommend using this technique because it is possible that the URL will be logged.There are two authentication tokens, a system authentication token that will be provided after system configuration and a user authentication token that will need to be generated on user login. The system token does not expire and can be regenerated by a service request. The user authentication token is generated on remote user login and has an expiration time which is indicated within the login response object.