1. Home
  2. Tutorials
  3. Working with APIs
  4. Authenticate API Requests with an API Key

Authenticate API Requests with an API Key

APIs using API Key auth require client apps to send a key in order to access data via requests. API Key auth is often used to provide access to data that is not associated with a particular user account, in which case user credentials are typically required. If your app is using an API secured with an API Key, you will need to specify that in your Swagger/OpenAPI specification and configure it in the Dropsource editor as follows.

ⓘ Note

If you aren’t using API Key auth, check out the tutorials for Basic Auth and OAuth2 Password authentication.

  1. Indicate API Key in your Swagger/OpenAPI specification securityDefinitions at the root level of the document, by including an entry with a name of your choice and a type value of apiKey:

    You can pass an API Key in the request header or query (if your API expects the key in the query of the request replace header with query).

    Apply API Key auth by specifying the name you used in the securityDefinitions ( api_key in the example code) inside the sections for individual paths in your spec, or to the entire API by adding at the root level:

  2. Upload your specification file into Dropsource by opening the API tab on the right of the editor and clicking the plus plus button.

    add api

    Click Choose and upload your file – you will see an indicator when it has been imported into your project.

    users api added

    Close the API modal – you will see your new API in the API tab.

  3. You will store the API Key in a Device Variable so that it is accessible throughout the project. In Variables on the left of the editor, create a Device Variable – with a name of your choice and Swift/Java String type.

    key variable

  4. Assign a value to the variable. For example, to set it when the app first runs use a Set Value Action in the Lifecycle – Application Launched Event, assigning your key value to the variable as a static String type.

    app launch set value

    ⓘ Note

    Depending on your API, you may need to retrieve the key using a request, for example sending a username and password to retrieve an access token. Check out the tutorial on using Bubble API for an example of how that works in Dropsource.

  5. In the API tab, configure security for the API you added by clicking Set Authentication above the list of endpoints.

    set auth

  6. Select the Device Variable for the API Key field.

    key variable auth

Once your auth workflow and configurations are in place you can go ahead and add requests to the pages in your app, using Run API Request Actions to execute them. As long as your requests run once the Device Variable is set they should be authenticated, and ready to connect your app to the data.

Was this article helpful to you? Yes No

How can we help?