Api Key
The key is an unique identifier used to authenticate and authorize a user or program. In order to use Uniserv DQ Cloud services you need an API key for authentication.
Generation of an API key
You can generate up to two API keys in the Uniserv CONNECT portal. Please log in with your credentials and go to your personal settings.
Navigate on the left side to API key management.
Just click on Create API key. A new unique key will be generated and is partially visible for security reasons. You can copy the key to clipboard or make it visible for some seconds by clicking the buttons.
The key can be used immediately. Please read the appropriate documentation of your service to set the right HTTP Request Header.
You can create up to two API keys. The second key can be used in parallel or can be created as a fallback, if one key gets compromised.
Domains and why they are needed
Please be aware that an API key is part of the request you send and hence can be visible for unattended user. To secure the key you should define trusted domains from where the requests can be sent.
Specified domains will be checked with the Origin of the request. The Origin is automatically set by the browser. If you send the request using developer tools like curl, etc. you have to set the Origin header by yourself. In that case please note the right syntax of the Origin request header:
<scheme>://<hostname>:<port><scheme> - The protocol that is used. Usually, it is the HTTP protocol or its secured version, HTTPS.
<hostname> - The domain name of the origin server.
<port> Optional - Port number on which the server is listening. If no port is given, the default port for the requested service is implied (e.g., "80" for an HTTP URL) .
Examples for valid origin:
-
http://uniserv.com
-
https://www.uniserv.com
-
http://mydomain.com:8080
Examples for invalid origin:
-
uniserv.com – scheme is missing
Specify trusted domains
You have to define one or many domains which are trusted for sending requests with your API key. Just enter a valid domain, optionally including a port number, and click on Create.
A valid domain consists of minimum two and maximum of 63 characters. All letters from a to z, all numbers from 0 to 9 and a hyphen (-) are allowed.
Following examples are valid input for the domain whitelist:
uniserv.com, uniserv.com:8080, www.uniserv.com
Please note that you cannot specify IP addresses.
Examples
| Origin Header | Domain | Matches | Notes |
|---|---|---|---|
http://uniserv.com |
uniserv.com |
true |
Whitelist permits any port |
https://uniserv.com |
uniserv.com |
true |
Whitelist permits any port |
https://uniserv.com:8080 |
uniserv.com |
true |
Whitelist permits any port |
https://uniserv.com:8080 |
uniserv.com:443 |
false |
Whitelist specifies port, but it doesn’t match the Origin header |
https://uniserv.com |
uniserv.com:80 |
false |
Whitelist specifies port, but the Origin has a different port |
http://uniserv.com |
uniserv.com:80 |
true |
Whitelist specifies port, which matches the Origin |
uniserv.com |
anything |
false |
Invalid Origin header syntax |
https://www.uniserv.com |
uniserv.com |
true |
Origin is a subdomain of the whitelisted domain |
https://www.uniserv.com |
test.uniserv.com |
false |
Hosts do not match |