Obtaining API Key
Each customer using the ID Analyzer API will have its own private API Key obtained through the ID Analyzer portal.
API Key Types
Based on the API calls, two types of API keys are available within the ID Analyzer system.
Server API Key
The server API key should be used only on server-side scripting as it provides unrestricted access to ID Analyzer APIs and data stored in your vault. The Server API Key is accesible as below under API Credentials menu.
Restricted API Key
Restricted API keys only allow access to Core API to perform document scans and can be distributed with client-side applications. The Restricted API Key is accesible as below under API Credentials menu.
API Key Scope
Based on the security restriction, the API access for Restricted API Key and Server API key differs as below.
API | Restricted API Key | Server API Key |
---|---|---|
ID Document Scan | Allowed | Allowed |
Biometric | Allowed | Allowed |
Docupass | Restricted | Allowed |
Transaction | Restricted | Allowed |
Obtaining API Key
ID Analyzer authenticates your API requests using your account’s API keys. If you don’t include your key when making an API request or use an incorrect or outdated one, ID Analyzer API returns a 401 - Unauthorized HTTP Response Codes. Here are the step-by-step instructions to obtain the API Key.
- Login to your ID Analyzer account over https://portal2.idanalyzer.com.
- Navigate to API Credentials on the left menu.
- Based on the required API access, the developer can utilize either Server API Key or Restricted API key accordingly. Majority of the users consume Server API Key however if the data access is to be restricted, the Restricted API key is used.
- The API Key can be reset by pressing the available button.
Securing the Key
Make sure the Restricted API Key is stored safely as it can be misused if leaked. The key should be reset in case of any leak. It is also advised to reset the key bi-weekly or monthly.
Updated 8 months ago