System status

API Key

Getting started guide

Suggest Edits

To request a Fourthline API key, contact your customer success manager.

Each API key comprises the following:

  • client_id: Your unique identifier from Fourthline
  • client_secret: Your unique password from Fourthline

Fourthline authenticates all API requests using the API key(s) for your account.

You customer success manager can help you delete and rotate API keys as required.

Sandbox and production environments

Make all API requests to Fourthline in either our sandbox or production environment. Use the sandbox to access test data, and production to access clients' real identity data and case outcomes.

Objects in one environment aren’t accessible in the other, e.g. a sandbox clientData object can’t be included in a case in production.

You need different API keys for each environment.

You can receive a production API key only once.

If you lose your production key, you can’t retrieve it. You must roll it or delete it and request a new one.

Key safety

To keep your keys safe, we recommend following these best practices:

  • Only grant key access to staff who need them.
  • Control access to keys using a password manager or secret management service.
  • Don’t store keys in a version control system.
  • Don’t embed keys where they can be exposed to attackers, e.g. in a mobile application.

Invalid keys

If a request:

  • Doesn’t include a valid key, Fourthline returns an Invalid request error
  • Includes a deleted or expired key, we return an Authentication error

Support
For support with your API key, contact your implementation manager.

Top of page

Updated 30 days ago

Related pages