Securing an API Access Token

Regular users of Brainstorm do not have the ability to provision their own API keys. Only network administrators of your Brainstorm instance has the ability to provision API keys.

As a Brainstorm administrator, you can navigate to the Network Settings page to create an API key. You can use this tool to email developers interested in developing against the Brainstorm API.

Note: those that have access to an API key for your instance of Brainstorm can access your organization's sensitive information. Make sure you only provide API access information to email addresses that have permission to access your data.

API Access Module Screenshot
You can access this module in your network settings page

Using the API token to authenticate requests

All API endpoints in Brainstorm require passing the appkey and the appsecret, base64 encoded, in the HTTP Authorization header. The value of the header should be Basic base64($appkey$:$appsecret$). Here is a snippet of how you would assemble the value of the Authorization header in C#:

        string str = apiKey + ":" + apiSecret; 
        byte[] bytes = Encoding.ASCII.GetBytes(str); 
        string base64Encoded = Convert.ToBase64String(bytes);
        return "Basic " + base64Encoded;

Executing API requests from the command line

One can use the linux command curl to execute HTTP requests against the API as a means to verify your API calls. Use the -u command line option to specify the apikey and apisecret. NOTE: curl will automatically base64 encode your value, so you can simply execute the command like this:

        curl -u [apikey]:[apisecret]

Substitute the [apikey] and [apisecret] with your credentials, and replace "YourCompany" with your company's Brainstorm subdomain.