Appearance
Authentication
All HTTP requests must be authenticated using the credentials from your Developer Dashboard, inserted into the custom HTTP headers Aply-API-Key and Aply-Secret.
NOTE
Every HTTP request should be sent from your server side. If an HTTP request is sent directly from a known web browser (XHR request) with your credentials, we will automatically consider your credentials to be at risk and regenerate your API keys and secret.
Refer to the diagram below for more information.
Example of handling authentication in v2 REST API
javascript
// API key and secret in headers
http.post('https://integration.aplyid.com/api/v2/ping',
{},
{
headers: {
'Aply-API-Key': 'zHb4LM9dSBAwiVECjKSoG6Fy',
'Aply-Secret': 'Uds32eU6hG2MFSMioEdXVGWNVkSnR1A7'
}
})
.then(response => {
// Do some stuff
})