Skip to main content

API Key Authentication

Include your API key in the X-API-Key header with every request: 
curl -X GET "https://apistg.arqq.in/api/locations" \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json"

Getting Your API Key

1

Contact Support

Send an email to [email protected] with your integration requirements and the locations you need access to.
2

Provide Details

Include your company information, use case, and the specific locations you’ll be managing.
3

Receive Your Key

Our team will generate and provide you with an API key within 1-2 business days.

API Key Security

Never expose your API key in client-side code or public repositories. API keys provide full access to your whitelist data and should be treated as sensitive credentials.

Security Best Practices

Store your API key securely:
  • Use environment variables in production
  • Never commit keys to version control
  • Rotate keys regularly
  • Use different keys for different environments
Secure your API requests:
  • Always use HTTPS endpoints
  • Validate responses before processing
  • Implement proper error handling
  • Use rate limiting in your applications

API Key Scope

API keys are scoped to provide appropriate access for your use case:
  • Location Access: Each API key provides access to designated locations
  • Permission-Based: Keys are configured with appropriate permissions for your integration needs
  • Audit Trail: All API usage is logged and auditable
Contact [email protected] to obtain your API key and configure the appropriate permissions for your use case.

Error Responses

Invalid API Key

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  }
}

Missing API Key

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED", 
    "message": "API key is required"
  }
}

Insufficient Permissions

{
  "success": false,
  "error": {
    "code": "FORBIDDEN",
    "message": "API key doesn't have access to requested resource"
  }
}

Rate Limiting

API keys are subject to rate limiting to ensure fair usage:
  • Limit: 1000 requests per hour per API key
  • Headers: Rate limit information is included in response headers
  • Exceeded: Requests exceeding the limit return a 429 status code
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640995200

Testing Authentication

You can test your API key authentication using the health check endpoint: 
curl -X GET "https://apistg.arqq.in/api/health" \
  -H "X-API-Key: YOUR_API_KEY"

Need Help?

Contact Support

Get help with API key setup and authentication issues.

Quickstart Guide

Learn how to make your first authenticated API calls.