Authentication
The PAVE API requires authentication for all API calls, which is achieved through the use of an HMAC-SHA256 message hash as a header within the request.
Last updated
The PAVE API requires authentication for all API calls, which is achieved through the use of an HMAC-SHA256 message hash as a header within the request.
Last updated
This section provides the details on how to use the curl
command to access the PAVE OpenAPI sessions endpoint using API-Key
, API-Token
, and API-Timestamp
headers. The API-Key
and API-Token
are used for authentication purposes, and the API-Timestamp
is used for ensuring the freshness of the request.
https://openapi.paveapi.com/v1/sessions
HMAC (Keyed-Hash Message Authentication Code) is a cryptographic technique that calculates a message authentication code by combining a cryptographic hash function with a secret key. In the case of the PAVE Capture API, the cryptographic hash function used is SHA256, resulting in the algorithm known as HMAC-SHA256.
A valid API Key and API Token should be obtained before accessing the API endpoint.
curl
must be installed on your system.
Open a terminal or command prompt.
Use the following curl
command to access the API endpoint:
curl -H "API-Key: <Your_API_Key>" \
-H "API-Token: <Your_Generated_Access_Token>" \
-H "API-Timestamp: <UTC_Datetime_String>" \
https://openapi.paveapi.com/v1/sessions
Replace <Your_API_Key>
with your API Key.
Replace <Your_Generated_Access_Token>
with your API Token.
Replace <UTC_Datetime_String>
with the UTC datetime in the format YYYY-MM-DDTHH:MM:SSZ
. For example, 2023-02-11T12:00:00Z
.
Execute the curl
command.
The API endpoint will return a JSON object containing the session data.
The following headers are required for each API request:
API-Key
Your API Key, which is used to identify your account and provide access to the API.
API-Token
A generated access token, which is used to authenticate your API request.
API-Timestamp
The UTC datetime string, which is used to verify the freshness of your request.
Make sure to replace the placeholders with the actual values before executing the curl
command.
Ensure that the UTC datetime string in the API-Timestamp
header is accurate and up-to-date, as it is used for ensuring the freshness of the request.
API-Token
: will expire within 5 minutes.
If the request is successful, the API server will return a JSON object that contains the session information, including the session ID, expiration time, and the associated API Key and access token.
Example response:
{
"session_id": "f8f4e4c1-6416-4d4a-8b16-f15a4e4a1c2d",
"expiration": "2023-02-11T12:00:00Z",
"api_key": "abcd1234",
"api_token": "efgh5678"
}
If there is an error with the request, the API server will return a JSON object with an error message. Some possible error messages include:
Invalid API Key
: The provided API Key is invalid or does not match any existing accounts.
Invalid API Token
: The provided access token is invalid or has expired.
Invalid API Timestamp
: The provided UTC datetime string is invalid or the request is stale.
Example error response: 403 Forbidden
{
"message": "Unable to validate the request, please recheck your API-Key and API-Token."
}
const axios = require('axios');
const apiKey = '<Your_API_Key>';
const apiToken = '<Your_Generated_Access_Token>';
const apiTimestamp = '<UTC_Datetime_String>';
axios({
method: 'post',
url: 'https://openapi.paveapi.com/v1/sessions',
headers: {
'API-Key': apiKey,
'API-Token': apiToken,
'API-Timestamp': apiTimestamp
}
})
.then(response => {
console.log(response.data);
})
.catch(error => {
console.error(error.response.data);
});
import requests
api_key = '<Your_API_Key>'
api_token = '<Your_Generated_Access_Token>'
api_timestamp = '<UTC_Datetime_String>'
headers = {
'API-Key': api_key,
'API-Token': api_token,
'API-Timestamp': api_timestamp
}
response = requests.post(
'https://openapi.paveapi.com/v1/sessions',
headers=headers
)
if response.status_code == 200:
print(response.json())
else:
print(response.json()['error'])
package main
import (
"bytes"
"encoding/json"
"fmt"
"net/http"
)
const apiKey = "<Your_API_Key>"
const apiToken = "<Your_Generated_Access_Token>"
const apiTimestamp = "<UTC_Datetime_String>"
func main() {
url := "https://openapi.paveapi.com/v1/sessions"
client := &http.Client{}
req, err := http.NewRequest("POST", url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("API-Key", apiKey)
req.Header.Set("API-Token", apiToken)
req.Header.Set("API-Timestamp", apiTimestamp)
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
var result map[string]interface{}
json.NewDecoder(resp.Body).Decode(&result)
fmt.Println(result)
}
import Foundation
let apiKey = "your_api_key"
let apiToken = "your_generated_access_token"
let url = URL(string: "https://openapi.paveapi.com/v1/sessions")!
let timestamp = DateFormatter().string(from: Date())
var request = URLRequest(url: url)
request.addValue(apiKey, forHTTPHeaderField: "API-Key")
request.addValue(apiToken, forHTTPHeaderField: "API-Token")
request.addValue(timestamp, forHTTPHeaderField: "API-Timestamp")
let task = URLSession.shared.dataTask(with: request) { (data, response, error) in
guard let data = data, let response = response as? HTTPURLResponse, error == nil else {
print("Error: \(error?.localizedDescription ?? "Unknown error")")
return
}
if response.statusCode == 200 {
print(String(data: data, encoding: .utf8) ?? "Empty response")
} else {
print("Unexpected response code: \(response.statusCode)")
print(String(data: data, encoding: .utf8) ?? "Empty response")
}
}
task.resume()
import java.net.URL
import javax.net.ssl.HttpsURLConnection
fun main() {
val apiKey = "<Your_API_Key>"
val apiToken = "<Your_Generated_Access_Token>"
val apiTimestamp = "<UTC_Datetime_String>"
val url = URL("https://openapi.paveapi.com/v1/sessions")
with(url.openConnection() as HttpsURLConnection) {
requestMethod = "POST"
setRequestProperty("API-Key", apiKey)
setRequestProperty("API-Token", apiToken)
setRequestProperty("API-Timestamp", apiTimestamp)
inputStream.bufferedReader().use {
val response = it.readText()
println(response)
}
}
}