Authentication methods

The Open Data API can only be accessed alongside an authorization token that must be present in every request, in a special header. Currently, we check each request for the API key header. If you call any service without authenticating the request, you will get a 401 error.

🔑 Api key

Api key is the most straightforward approach, as you only have to pass your account's unique key as a parameter in a special header of your HTTP request, called x-api-key.

Initially this value will be provided to you when you enable your Khipu account, so it is your responsibility to save your key and keep it safe at every moment, being careful not to share it to unwanted users or commit it in your source code repo. ⚠️ Remember that your key has full access and privileges to interact with the API, and each request count towards your account's billing.

API Call

A sample call using your Api key would look like this:

Copy

Copied

curl --request GET \
  --url https://api.khipu.com/target-resource \
  --header 'x-api-key: <value of your assigned Api key>' \
  --header 'Content-type: application/json'