Swallow
  • YOUR FIRST MODEL
    • Setting up your first project
    • Manual setup of a new product
    • Excel Model Upload
    • Create your team
    • Essential concepts
      • Syntax
      • Steps
      • Collections
      • Try Model
      • Spotlight
  • PROCESS
    • Team Management
    • Governance & Collaboration
  • BUILD
    • Building with AI
    • Step builder
      • Understanding step types
      • Ordering step blocks
      • Placeholder mode
      • Up/Downloading models
      • Sharing your model
      • Running tests
    • Inputs
    • Enriching Raw Data
      • Transform Data
      • Enrich via API
      • Data Set
      • Collection
      • Custom Code
    • Setting Up Decisions
      • Exclusions
      • Excesses
      • Endorsements
      • Refer
    • Making Calculations
      • Factors
      • Calculation
    • Outputs
  • TEST
    • Creating New Tests
    • Running Tests
    • Editing Tests
    • Reading & Interpreting Tests
    • Impact Testing
  • DATA
    • Working with real-time data
    • Data Views
    • Data Quotas
    • Troubleshooting
    • API Webhooks
    • Data Downloads
  • ADMIN & SETTINGS
    • Project Management
    • Account Management
  • INTEGRATIONS
    • Introduction
    • Payments
      • Stripe
      • GoCardless
      • Adyen
    • Alerting
      • Slack
      • Zapier
    • Data
      • AWS S3
      • Google Sheets
    • Admin
      • Socotra
      • Guidewire
      • Hubspot
      • Salesforce
  • Developer API
    • Introduction
    • Authentication
    • Errors codes
    • Endpoints
      • /quotes
      • /projects
      • /tests
      • /process
Powered by GitBook
On this page
  1. Developer API

Authentication

All API endpoints have authentication built-in. API requests are not available in free accounts.

PreviousIntroductionNextErrors codes

Last updated 12 months ago

You must make all API calls over . Calls that you make over plain HTTP will fail. API requests without authentication will also fail.

Where to find API keys

The client_id_key and client_secret_key are found in the settings page which is accessible from the navigation bar if you have a paid account.

Public API requests

Public facing API requests (i.e. called with client-side requests) should have client_id_key set in the request headers.

client_id_key: 'ae3a42a7-8803-4d49-944a-2dfba8111b5a'

Private API requests

Private facing API requests (i.e. called within server-side requests) should have client_id_key and client_secret_key set in the request headers.

You should never expose the client_secret_key in publicly accessible areas such as GitHub, client-side code, and so forth. You can recycle your keys if you feel you have inadvertently exposed the keys at anytime.

client_id_key: 'ae3a42a7-8803-4d49-944a-2dfba8111b5a'
client_secret_key: 'be3b42b7-8803-4d49-944b-2dfbb8111b5b'

Recycling keys

The client_id_key and client_secret_key can be recycled in the settings page which is accessible from the navigation bar if you have a paid account. Make sure you update any code that has reference to the old keys to reflect the new keys.

HTTPS