Support and Documentation

Authentication

An API key is required for all requests made to the Content Management API. The key can either be passed as a query parameter in the URL named api_key or as a Header with the name X-API-Key. Your API key identifies you and your app as the consumer of the API, and it is important to keep it secret and safe to prevent unauthorized access to your content. As such, client-side requests even under SSL would be considered insecure since the visitor to your site could easily view the outgoing requests from their browser.

To obtain an API key, you or an administrator of your Brightspot instance must do the following:

  1. From the Brightspot navigation menu, select Admin > APIs.

  2. In the Clients widget, click Create New Client. A New API Client form appears.

    new-api-client.png
  3. In the Name field, add a descriptive name to identify your application.

  4. In the Keys field, click Add API Key. A new form appears revealing your API key.

    new-api-key.png
  5. You can also give the generated key a descriptive Name to help you identify it later on.

  6. Click Save.

Brightspot activates your API Key, and saves any associated configurations to it.