API Key
Getting started guide
To request a Fourthline API key, contact your customer success manager.
Each API key comprises the following:
client_id
: Your unique identifier from Fourthlineclient_secret
: Your unique password from Fourthline
Fourthline authenticates all API requests using the API key(s) for your account.
You customer success manager can help you delete and rotate API keys as required.
Sandbox and production environments
Make all API requests to Fourthline in either our sandbox or production environment. Use the sandbox to access test data, and production to access clients' real identity data and case outcomes.
Objects in one environment aren’t accessible in the other, e.g. a sandbox clientData
object can’t be included in a case in production.
You need different API keys for each environment.
You can receive a production API key only once.
If you lose your production key, you can’t retrieve it. You must roll it or delete it and request a new one.
Key safety
To keep your keys safe, we recommend following these best practices:
- Only grant key access to staff who need them.
- Control access to keys using a password manager or secret management service.
- Don’t store keys in a version control system.
- Don’t embed keys where they can be exposed to attackers, e.g. in a mobile application.
Invalid keys
If a request:
- Doesn’t include a valid key, Fourthline returns an
Invalid request
error - Includes a deleted or expired key, we return an
Authentication
error
Updated 4 months ago