</> wayvo
Blog

API and Integrations

Authentication

Learn how to authenticate API requests using the Wayvo API.

Authentication

Wayvo supports API authentication using API keys and OAuth 2.0. Proper authentication ensures that your API requests are secure and authorized.

API Key Authentication

  1. Generate API Key

    • To use API key authentication, first generate an API key from your Wayvo dashboard.
    • Navigate to the "API Keys" section and click "Create API Key".
    • Provide a name and description for the key, then click "Generate".

  2. Using API Key in Requests

    • Include the API key in the request headers to authenticate your API calls.
    • Add the header Authorization: Bearer YOUR_API_KEY to your requests.
    curl -X GET "https://api.wayvo.ai/v1/users" -H "Authorization: Bearer YOUR_API_KEY"

OAuth 2.0 Authentication

  1. Register Your Application

    • Register your application in the Wayvo dashboard to use OAuth 2.0.
    • Navigate to the "OAuth Applications" section and click "Register Application".
    • Provide the application name, redirect URI, and other required details.

  2. Obtain Client Credentials

    • After registering your application, you will receive a client ID and client secret.
    • Use these credentials to obtain an access token.

  3. Request Access Token

    • Use the client ID and client secret to request an access token from the OAuth 2.0 token endpoint.
    curl -X POST "https://api.wayvo.ai/oauth/token" -d '{
  "grant_type": "client_credentials",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}'

  4. Using Access Token in Requests

    • Include the access token in the request headers to authenticate your API calls.
    • Add the header Authorization: Bearer YOUR_ACCESS_TOKEN to your requests.
    curl -X GET "https://api.wayvo.ai/v1/projects" -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Refreshing Access Tokens

  1. Token Expiry

    • Access tokens are typically short-lived and will expire after a certain period.
    • When an access token expires, you need to request a new one using the refresh token.

  2. Request New Access Token

    • Use the refresh token to request a new access token from the OAuth 2.0 token endpoint.
    curl -X POST "https://api.wayvo.ai/oauth/token" -d '{
  "grant_type": "refresh_token",
  "refresh_token": "YOUR_REFRESH_TOKEN",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}'

Securing Your API Keys and Tokens

  1. Environment Variables

    • Store API keys and tokens in environment variables to keep them secure.
    • Avoid hardcoding sensitive information in your source code.

  2. Key Rotation

    • Regularly rotate your API keys and tokens to enhance security.
    • Update your applications to use the new keys and tokens after rotation.

  3. Access Control

    • Limit the permissions of API keys and tokens to the minimum necessary for your application.
    • Use role-based access control (RBAC) to manage permissions effectively.

Best Practices for API Authentication

  1. Use HTTPS

    • Always use HTTPS to encrypt API requests and responses.
    • Ensure that sensitive information is protected during transmission.

  2. Monitor API Usage

    • Monitor the usage of your API keys and tokens to detect any unauthorized access.
    • Set up alerts for unusual or suspicious activity.

  3. Implement Rate Limiting

    • Apply rate limiting to your API endpoints to prevent abuse and ensure fair usage.
    • Handle rate limit errors gracefully in your application.

Tip!

Implement proper authentication to secure your API requests and protect your application data. Follow best practices to ensure the security and reliability of your API integrations.

Next Steps

With authentication set up, you can start making secure API requests. Explore our guides on API Overview and Using the API to enhance your application's capabilities.

For more advanced authentication options, check out our Advanced Features section.

Previous
API Overview
Next
Using the API