Authentication

This guide will help you setup your API keys on HyperTrack. To use the SDKs and REST API, you will need the keys to authenticate yourself.

Token authentication

The HyperTrack API follows HTTP basic auth to authenticate API calls with a token. Every API call needs to have the Authorization key sent in the request header with the token, as shown below.

Authorization: token sk_1234567890abcde

If you are using the API helper libraries and/or the SDKs, they need to be configured with the token, as described in their setup instructions. After configuration, they handle the authentication headers internally.

Get your keys

  1. Sign up with your email and password.
  2. Verify your account by clicking on the link sent to your email.
  3. Login into the dashboard, and get your secret and publishable keys on the account page.

Secret key

The secret key is authorised for all API calls - to create, edit, list, retrieve and delete data. It looks like sk_1234567890abcde.

The secret key is to be used on the server-side, for backend-to-backend communication. The API helper libraries for backend use the secret key. As the name suggests, you should never share your secret key.

Publishable key

The publishable key is authorised for read-only API calls for specific data entities, and some write methods from the SDKs. With the publishable key, you can retrieve one or more entities with their unique id. It looks like pk_1234567890abcde.

The publishable key is used by the SDKs in your mobile apps. You can hard-code the publishable key in the app.

[info] Rolling keys

If you think your keys have been compromised, at any point you can request for a new secret or publishable key for your account, by rolling your keys. Note that the previous key will no longer be authorised, and any API calls with the old keys will fail with 401/403 HTTP status code.

Was this helpful? Yes, thanks! Not really

results matching ""

    No results matching ""