Skip to content

API Authentication

    The primary authentication method for the APS API is via the API Key method. This token is issued during the API onboarding process and must be included in the Authorization request header.

    API Key Authentication Example

    curl -X 'GET' \
    '' \
    -H 'accept: application/json' \
    -H 'Authorization: TokenValue'

    Obtaining an API Token

    During the API onboarding process, APS issues tokens that are associated with an organization rather than individual user accounts. These tokens are granted access to a select list of APS companies, ensuring that any application utilizing the token can access data solely from those designated companies. It’s important to understand that data from multiple companies cannot be aggregated in a single API request. 

    Always handle these tokens with care, considering them as sensitive data, and share only with individuals you trust.

    Token Permissions

    A token’s permissions can be set based on specific access levels. If you try to access areas beyond your token’s granted permissions, the API will respond with a 401-Unauthorized status. For expanded access, please reach out to the API support team, who can evaluate and adjust the token’s permissions as needed.

    Token Expiration

    APS API tokens currently do not come with a predetermined expiration date. However, they may be revoked in cases of detected suspicious or malicious activity. If a token is revoked, the affected organization has the option to obtain a new one through the onboarding process.