Authentication methods

The Open Data API can only be accessed in conjunction with an authorization token, which must be included in a special header in each request. Currently we check every request for the API key header. If you call any service without authenticating the request, you will get a 401 error.

🔑 Api key

The API key is the simplest approach, as all you need to do is pass your account's unique key as a parameter in a special HTTP request header called x-api-key.

This value is initially provided to you when you activate your Khipu account, so it is your responsibility to save your key and keep it safe at all times, being careful not to share it with unwanted users or commit it to your source repository.


Remember that your key has full access and privileges to interact with the API, and every request will count towards your account billing.

API Call

An example call using your API key would look like this:

curl --request GET \
  --url \
  --header 'x-api-key: <value of your assigned Api key>' \
  --header 'Content-type: application/json'