Authentication

1. What & why

The FSCO API gives you secure access to a number of services. These services are used to store and retrieve data, as well as to power the FSCO platform.

After reading this document you should be able to query FSCO’s APIs to interact with the underlying services you have access to.

To Authenticate your API requests you will need to use your API key and secret, which you will need to have a FSCO dashboard account to create.

You will have completed the following:

• Creating an api key to use in your API requests
• Understanding how to authenticate your API requests using your API key and secret
• Making authenticated requests to FSCO APIs

title: FSCO API Key Auth _: Creating an API Key for your service User -> FSCO Developer Portal: Create Api Key FSCO Developer Portal -> User: Api Keys _: Using API Keys for Authentication User -> FSCO API: Request with API Key & Secret Headers FSCO API -> User: Response

2. Creating an API Key

To create an api key you can head to our Developer portal based on which environment you are using: For Prod For Staging

1. Go to Dashboard -> Dev Tools -> API Keys
2. Click Create API Key
3. Enter a name for your API Key
4. Click Create

you will want to save your key and secret in a safe place as you will not be able to access the secret again.

Note

If you ever lose your secret or key we recommend creating a new api key then update your services to use the new key before deleting your old key.

3. Making Authenticated Requests

To make authenticated requests to FSCO services, you’ll need to include your API key and secret in the headers of each request.

• x-api-key: string: Formatted as uuid, obtained via the FSCO Developer Portal.
• x-api-secret: string: The api secret string can be obtained via the FSCO Developer Portal.

ℹ️ API Keys are orginsation-scoped. We recommend using our staging environment to test your webhook before using them in production. Contact us if you need to use a different environment.

Depending on which environment you are using you will want to use the following base URLs:

• staging: https://staging.api.fsco.io/v2
• production: https://api.fsco.io/v2

Example API Request

GET {{API_URL}}/your-endpoint HTTP/1.1
Content-Type: application/json
X-API-Key: {your-api-key}
X-API-Secret: {your-api-secret}

Example Response

{
    "data": "Your response data here"
}

Note

If there are any issues with your API key permissions you will receive a 401 response.

Example API Key Information Request

You can verify your API key information using the following endpoint:

GET {{API_URL}}/identity/whoami?key={your-api-key}&secret={your-api-secret}
Content-Type: application/json

Response

{
  "credentials": {
    "organisationId": "0000000-0000-0000-0000-000000000000",
    "userId": "0000000-0000-0000-0000-000000000000",
    "valid": true
  },
  "organisation": {
    "organisationId": "0000000-0000-0000-0000-000000000000",
    "name": "Your Org Name"
  }
}

Note

If you are having issues with authentication please reach out to your FSCO rep for assistance.