Skip to main content
This helper method generates a secured API key from a parent API key by adding query parameters and restrictions. Secured API keys use hash-based message authentication codes (HMAC). To generate a secured API key, the method performs the following steps:
  1. Compute a SHA-256 HMAC with:
    • Secret: the parent API key
    • Message: a URL-encoded list of query parameters
    These query parameters are applied to every request that uses the API key and can’t be modified by end users.
  2. Concatenate the SHA-256 HMAC with the list of query parameters into a single string.
  3. Encode the resulting string in base64.

Usage

var response = client.GenerateSecuredApiKey(
  "2640659426d5107b6e47d75db9cbaef8",
  new SecuredApiKeyRestrictions
  {
    ValidUntil = 2524604400L,
    RestrictIndices = new List<string> { "Movies" },
  }
);

Parameters

  • C#
  • Go
  • Java
  • JavaScript
  • Kotlin
  • PHP
  • Python
  • Ruby
  • Scala
  • Swift
parentApiKey
string
required
The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.
restriction
SecuredApiKeyRestrictions
required
You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.
I