Authentication and Rate Limiting


Overview

Xobin authenticates API requests with API Keys and applies rate limiting for enhanced security.

API Authentication

  • Obtaining Your API Key: To authenticate your requests, you need to obtain an API Key. Please contact our support team to generate a unique API Key associated with your account.

  • Including API Key in Requests: Once you have your API Key, send it in the apiKey header of your API requests. This key serves as a secure token that authenticates and authorizes your access to the Xobin APIs.

Example

cURL

curl -X GET "https://app.xobin.com/api/v2/<api-end-point>" \
     -H "apiKey: add-your-api-key-here"
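
Python

import requests

url = "https://app.xobin.com/api/v2/<api-end-point>"
headers = {"apiKey": "add-your-api-key-here"}

# Send the API key in the apiKey request header; set a timeout so the call cannot hang
response = requests.get(url, headers=headers, timeout=10)
print(response.text)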

JavaScript

const apiKey = 'add-your-api-key-here';
const url = 'https://app.xobin.com/api/v2/<api-end-point>';

// Construct headers with API key
const headers = new Headers({
    'apiKey': apiKey,
});

// Construct the request configuration
const config = {
    method: 'GET',
    headers: headers,
};

// Make the fetch request
fetch(url, config)
    .then(response => {
        if (!response.ok) {
            throw new Error(`HTTP error! Status: ${response.status}`);
        }
        return response.json();
    })
    .then(data => {
        console.log(data);
    })
    .catch(error => {
        console.error(`Error: ${error.message}`);
    });

PHP

<?php
    $apiKey = 'add-your-api-key-here';
    $url = 'https://app.xobin.com/api/v2/<api-end-point>';
    $options = [
        'http' => [
            'header' => "apiKey: $apiKey",
            'method' => 'GET',
        ],
    ];

    $context = stream_context_create($options);

    $response = file_get_contents($url, false, $context);
    echo $response;
?>

API Rate Limiting

Rate limiting is a mechanism APIs use to control the number of incoming requests from users or client applications. It is implemented to prevent abuse, ensure fair usage, maintain system stability, and protect against denial-of-service (DoS) attacks.

For our API, a rate limit has been implemented to ensure optimal performance and fair usage. The rate limit is set at 1 request per second per user.

Important

When making requests to the API, users or client applications should monitor the values of the rate limiting headers listed below to ensure compliance with the rate limit and adjust their request frequency accordingly.

Rate Limiting Headers

| Header | Description |
|---|---|
| X-RateLimit-Limit | The total number of requests allowed for the active window. |
| X-RateLimit-Remaining | The number of requests remaining in the active window. |
| X-RateLimit-Reset | UTC seconds since epoch when the window will be reset. |
| Retry-After | Seconds to retry after, or the HTTP date when the rate limit will be reset. |
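
One way a client can turn the rate limiting headers above into a delay before its next request. This is an added example, not Xobin's own code: the function names are hypothetical, the sample headers are constructed, and the 1-second floor is taken from the documented limit of 1 request per second per user.

```python
import time
from datetime import timezone
from email.utils import parsedate_to_datetime

MIN_INTERVAL = 1.0  # documented limit: 1 request per second per user


def parse_retry_after(value, now):
    """Retry-After is either a number of seconds or an HTTP date; return seconds to wait."""
    value = value.strip()
    if value.isdigit():
        return float(value)
    try:
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return None  # unparseable: caller falls back to the X-RateLimit-* headers
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    return max(0.0, when.timestamp() - now)


def seconds_to_wait(headers, now=None):
    """Delay before the next request, derived from one response's headers."""
    now = time.time() if now is None else now
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    if "retry-after" in h:
        wait = parse_retry_after(h["retry-after"], now)
        if wait is not None:
            return max(wait, MIN_INTERVAL)
    try:
        remaining = int(h.get("x-ratelimit-remaining", ""))
        reset = float(h.get("x-ratelimit-reset", ""))
    except ValueError:
        return MIN_INTERVAL  # headers missing or malformed: keep the documented pace
    if remaining <= 0:
        return max(reset - now, MIN_INTERVAL)  # window exhausted: wait for the reset
    return MIN_INTERVAL


if __name__ == "__main__":
    # Constructed sample headers, not captured from the real API.
    now = 1_700_000_000.0
    print(seconds_to_wait({"X-RateLimit-Remaining": "0", "X-RateLimit-Reset": "1700000003"}, now))
    print(seconds_to_wait({"Retry-After": "Tue, 14 Nov 2023 22:13:25 GMT"}, now))
```

Call `time.sleep(seconds_to_wait(response.headers))` between requests to stay within the limit.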