The Connect API requires API clients to authorize their HTTP requests through the Authorization header carrying a unique security token as the ApiKey argument. The Extensions module enables providers and vendors to generate such a token for every API client they want to use.
On the General tab of the Extensions main page, you can find the Connect API endpoint URL:
This is the base URL to be used by all API clients interacting with Connect. Most examples in Connect documents omit this prefix for brevity. For example, to get a list of agreements, a sample request in documents looks as follows:
The above short call actually means:
To create an API token in Connect, a provider or vendor must go through the following steps using the Extensions module.
On the Extensions main page, navigate to the Tokens tab and click the Create Token button on the top-right corner:
On the pop-up screen, specify the token properties:
Click Create to complete creation of the API token:
In the list of API tokens, a token owner can watch and manage their API tokens.
The numbered parts of an API token the above image are used for the following purposes:
To use a particular API token for Connect API authentication, copy the API Key/Handle value from the corresponding API token and use it in the HTTP Authorization header of API requests as in the following example (the ApiKey value is cut for brevity):
GET /agreements/ Authorization: ApiKey SU-160-984-824:8c8e87f858cb70370
For more details about the Connect API, refer to REST API.