API Keys

How to manage your API Keys and restrict them to ensure your Woosmap Platform account is secure.
  1. Overview
  2. Registering a Woosmap Public API Key
  3. Registering a Woosmap Private API key
  4. Why should I restrict my Public API keys?
  5. What is a Woosmap Public API Key restriction?
  6. Best practices

Overview

Woosmap Platform APIs and SDKs require you to send an API key with all calls. API keys act as unique identifiers that authenticate the calls you make to Woosmap Platform and ensure they are billed to the correct project and organisation. Whether you’re pushing new or updating existing data, searching it, or doing anything else with Woosmap’s API, you need to provide an API key.

There are two kinds of API Keys: Public and Private.

Public API keys are used to implement Woosmap features on the client-side. They allow you to retrieve your location data and benefit from the read-only capabilities of Woosmap APIs. A unique Public API Key is automatically generated when you add a new project to your organization. Be careful, you must authorize domains or IP addresses to consume API calls to your Public API key.

Private API keys allow you to manage integrations on the server-side and perform creation of new and updates of existing locations. You need to create Private API keys manually.

Registering a Woosmap Public API Key

Assuming you have already created your Woosmap account.

Steps:

  1. Visit the Woosmap Console and authenticate yourself.

  2. Click on the Projects menu on your left.

  3. Either create a new project or select an existing one.

  4. The Woosmap Public API Key is automatically created. You can see it from the Security and Access menu under the Basic tab.

This Key is a long string of generated characters preceded by woos-.

woos-26b90591-6d9e-3b74-ba24-a887ec084e86

Registering a Woosmap Private API key

Assuming you have already created your Woosmap account.

Steps:

  1. Visit the Woosmap Console and authenticate yourself.

  2. Click on the Projects menu on your left.

  3. Either create a new project or select an existing one.

  4. From the Security and Access menu, click on the Private Keys tab.

  5. Click on the button Add a Private Key

  6. Specify a Name and set the permission to read and/or write your Stores. Warning: permissions cannot be changed after the private key has been created.

Private API Key creation

This Key is a long string of generated characters.

b887ecb5-e0bb-4b7b-a554-54e4a3d96e7a

Why should I restrict my Public API keys?

Restricting your Public API keys helps ensure your Woosmap Platform account is secure. To create a new Woosmap Project, you need to set at least one restriction to the Woosmap Public API Key. You can always change the restrictions later, if you need to.

What is a Woosmap Public API Key restriction?

Woosmap Public API Key restrictions are the authorized domains or IPs from which the call to Woosmap API will be done. You can add or remove an authorized domain name in the project creation stage and from the Security and Access menu under the Basic tab.
Wildcard characters are acceptable for naming similar websites. For example, *.woosmap.com accepts all sites ending with woosmap.com, such as https://developers.woosmap.com. Please, do not insert the protocol (http/https) in front of your domain name as it is not supported.

Add or remove an authorized domain name

Best practices

Here are some guidelines you can use to determine strategies to protect your API keys.