Security is a top priority at GetGenius Inc. To ensure the protection of your data and maintain the integrity of our platform, we use API authentication. This guide will help you understand how API authentication works on the GetGenius platform.
Understanding API Authentication #
API authentication is a process that validates the identity of a user, system, or server before granting access to data. It is a crucial layer of security that prevents unauthorized access to sensitive information.
On the GetGenius platform, we use token-based authentication. This method involves generating a unique token for each user session. This token must be included in the header of each API request.
Generating and Using API Key #
To generate an API key, you need to log into your GetGenius account and navigate to the ‘API Key’ section. Here, you can generate a new key. Please note that you should keep your API tokens secure and never share them with anyone.
When making an API request, include the key in the ‘Authorization’ header. If the key is valid, the API request will be processed. If the key is missing, invalid, or expired, the request will be denied, and you will receive an error message.
It’s important to note that API keys have an expiration date for security reasons. You will need to generate a new key once the current one expires.
By adhering to these authentication guidelines, you can ensure the security of your data and enjoy a seamless experience on the GetGenius platform.
Authorize your application #
At GetGenius Inc., we prioritize the security of our users and their data. As part of this commitment, we require all applications to be authorized before they can interact with our platform. Application authorization is a security measure that ensures only approved applications can interact with our platform. It involves verifying the identity of the application and granting it specific permissions.
A login requests in cURL looks like this:
curl --request POST \
--url https://api.getgenius.ai/user/login \
--header 'Content-Type: application/json' \
--data '{}'Validate access token #
Access tokens are a crucial part of the security measures on the GetGenius platform. They ensure that only authorized applications can access our API. Access tokens are generated when a user authorizes an application. They represent the user’s consent for the application to access their data. Each token is unique and must be included in the ‘Authorization’ header of each API request.
curl --request POST \
--url https://api.getgenius.ai/user/token/validate \
--header 'Content-Type: application/json' \
--data '{}'Refresh access token #
Access tokens are an essential part of maintaining secure interactions with the GetGenius platform. However, for security reasons, these tokens have an expiration date. Access tokens are temporary and expire after a certain period. This is a security measure to prevent unauthorized long-term access to user data. Once an access token expires, it can no longer be used to make API requests.
When an access token expires, you can obtain a new one by using a refresh token. A refresh token is issued along with the access token when a user authorizes your application. Unlike access tokens, refresh tokens are long-lived and can be used to obtain new access tokens without requiring the user to re-authorize your application.
To refresh an access token, you need to make a POST request to the GetGenius token endpoint. Include your refresh token, client ID, and client secret in the request. If the refresh token is valid, a new access token will be issued.
Please note that once a refresh token is used, it becomes invalid. A new refresh token will be issued along with the new access token. Always replace the old refresh token with the new one in your system.
By properly managing and refreshing access tokens, you can maintain secure and uninterrupted access to the GetGenius platform.
curl --request POST \
--url https://api.getgenius.ai/user/token/refresh \
--header 'Content-Type: application/json' \
--data '{}'
