Access to our API is achieved via HTTPS requests to the https://api.evrythng.io/v2
domain. A combination of API key, URL validation, and roles and permissions are used to determine the validity of each request.
All API requests must use one of the secure https
, mqtts
, or wss
protocols. Devices requiring extra configuration to use TLS should use the certificates available on the Security page.
Authenticating Requests
Every request to our API must (unless otherwise stated) contain a valid API key in the Authorization
HTTP header to identify the user or application issuing the request and execute it if authorized.
Here is an example of a request to our API that returns the list of all the Thngs you have created. Note the appropriate use of the Authorization
header.
curl -i -H "Accept: application/json" \
-H "Authorization: $APPLICATION_USER_API_KEY" \
-X GET "https://api.evrythng.io/v2/thngs"
As an alternative, instead of sending the API key in the Authorization
header, you can simply append ?access_token=$OPERATOR_API_KEY
to any URL in the API. This request is equivalent to the one above:
curl -i -H "Accept: application/json" \
-X GET "https://api.evrythng.com/thngs?access_token=$OPERATOR_API_KEY"
For JavaScript developers evrythng.js makes this even easier by only requiring you to initialise a scope object with the right API key:
// User key
const OPERATOR_API_KEY = 'AGiWrH5Ote...';
const operator = new evrythng.Operator(OPERATOR_API_KEY);
operator.product().read()
.then(console.log)
.catch(console.log);
Updated 3 months ago