TPI.devCommunityGithub

Retrieving API Information Related to X-API-Key Authorization

After obtaining an X-API-Key via email, if you are unsure about the authorization scope (which APIs it corresponds to), you can utilize the API Group Status feature provided by digiRunner to quickly retrieve the relevant API information associated with the X-API-Key.

Obtaining API Information with API Group Status

When a user receives an X-API-Key formatted as this: YjNmNzYzNzEtMTQwNC00OTM5LTliODEtZWY3MjM4NmRkNGJm, it is not immediately clear which APIs the key authorizes. Using the digiRunner interface, you can query and obtain detailed authorization information.

  1. Log in to the digiRunner Admin Console, and go to System Information > API Group Status to access the page.

  1. Select the X-API-Key search tab, enter the obtained X-API-Key in the search field, and click Search.

  2. If the entered key exists in digiRunner, you will be able to view the related API information on the page, including its effective date, expiration date, total number of authorized APIs, and the client information to which the key belongs.

  1. Click on the (Details) icon to view detailed information about the API.

  2. Check the Attribute section to confirm whether the API requires authorization to be called, and proceed to perform authorization operations with API Test.

TIP: An unchecked attribute indicates that the API requires validation through digiRunner's authorization with an X-API-Key.

Verifying API Under X-API-Key Authorization with API Test

  1. Go to API Management > API List to access the page.

  2. Use the Keyword Search filters to locate the API associated with the X-API-Key authorization obtained in the previous step.

  3. Click on the icon to access the API Test page.

  1. The default authorization method is set as Client Credentials. Select No Auth from the dropdown menu to bypass these validations, as the X-API-Key will be applied in another part of the process.

  1. In the Request Header, set the Key as x-api-key, and the Value as the issued X-API-Key. This action will include the parameter in subsequent API calls to complete the validation with digiRunner.

  1. Click Test to call the API, and review the results in the Response field.

    • If the Status shows 200 as shown above, the request has succeeded, and relevant data will be displayed in Headers and Body.

    • If the Status shows 401 as shown below, the request has failed due to an authorization error. The response Body will contain an error message indicating authorization failure. In this case, verify the accuracy of the X-API-Key.

PreviousRequesting API Authorization with X-API-KeyNextGoogle Authentication - OIDC with Google IdP

Was this helpful?