Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


The InstantKB Web API Application Key

When making calls into the InstantKB Web API you'll always need to provide at minimum an "Application key" to authenticate the request. The application key can be shared publicly and is only used to make anonymous requests into the InstantKB Web API.

The application key can change and can be used to globally revoke remote access into the InstantKB Web API. Should the application key change you can use the application secret to programmatically obtain the latest application key via the Web API.

Application Secret

The application secret never changes and should not be shared or visible to end users. The application secret can be used to programmatically obtain the latest application key via the InstantKB Web API.

To get started you can obtain both the Application Key and Application Secret via the InstantKB Admin CP > Settings > API Explorer page as shown below...

Programmatically Obtaining the Application Key

If the Application Key is likely to change or not known ahead of time you can optionally use the application secret to obtain the latest application key. To obtain the latest application key you can  make a request to the "api/auth" endpoint providing the application secret as shown below...

GET api/auth?app_secret={your_app_secret} HTTP/1.1
Host: https://demos.instantasp.co.uk/InstantKB2018/
Content-Type: application/json
X-Api-Version: 1

This will return the latest Application Key as shown below...

{
"app_key": "FoMEfIWA3eykhATmFuUt0C01SUzuFgRccT82BTYd26vv6npoiD273LgQVw0kyJ1VGQY4JjG5iEo"
}

 You can then use the returned application key for subsequent anonymous requests via the InstantKB Web API.