Swallow
  • YOUR FIRST MODEL
    • Setting up your first project
    • Manual setup of a new product
    • Excel Model Upload
    • Create your team
    • Essential concepts
      • Syntax
      • Steps
      • Collections
      • Try Model
      • Spotlight
  • PROCESS
    • Team Management
    • Governance & Collaboration
  • BUILD
    • Building with AI
    • Step builder
      • Understanding step types
      • Ordering step blocks
      • Placeholder mode
      • Up/Downloading models
      • Sharing your model
      • Running tests
    • Inputs
    • Enriching Raw Data
      • Transform Data
      • Enrich via API
      • Data Set
      • Collection
      • Custom Code
    • Setting Up Decisions
      • Exclusions
      • Excesses
      • Endorsements
      • Refer
    • Making Calculations
      • Factors
      • Calculation
    • Outputs
  • TEST
    • Creating New Tests
    • Running Tests
    • Editing Tests
    • Reading & Interpreting Tests
    • Impact Testing
  • DATA
    • Working with real-time data
    • Data Views
    • Data Quotas
    • Troubleshooting
    • API Webhooks
    • Data Downloads
  • ADMIN & SETTINGS
    • Project Management
    • Account Management
  • INTEGRATIONS
    • Introduction
    • Payments
      • Stripe
      • GoCardless
      • Adyen
    • Alerting
      • Slack
      • Zapier
    • Data
      • AWS S3
      • Google Sheets
    • Admin
      • Socotra
      • Guidewire
      • Hubspot
      • Salesforce
  • Developer API
    • Introduction
    • Authentication
    • Errors codes
    • Endpoints
      • /quotes
      • /projects
      • /tests
      • /process
Powered by GitBook
On this page
  1. Developer API

Authentication

All API endpoints have authentication built-in. API requests are not available in free accounts.

You must make all API calls over HTTPS. Calls that you make over plain HTTP will fail. API requests without authentication will also fail.

Where to find API keys

The client_id_key and client_secret_key are found in the settings page which is accessible from the navigation bar if you have a paid account.

Public API requests

Public facing API requests (i.e. called with client-side requests) should have client_id_key set in the request headers.

client_id_key: 'ae3a42a7-8803-4d49-944a-2dfba8111b5a'

Private API requests

Private facing API requests (i.e. called within server-side requests) should have client_id_key and client_secret_key set in the request headers.

You should never expose the client_secret_key in publicly accessible areas such as GitHub, client-side code, and so forth. You can recycle your keys if you feel you have inadvertently exposed the keys at anytime.

client_id_key: 'ae3a42a7-8803-4d49-944a-2dfba8111b5a'
client_secret_key: 'be3b42b7-8803-4d49-944b-2dfbb8111b5b'

Recycling keys

The client_id_key and client_secret_key can be recycled in the settings page which is accessible from the navigation bar if you have a paid account. Make sure you update any code that has reference to the old keys to reflect the new keys.

PreviousIntroductionNextErrors codes

Last updated 11 months ago