Authentication & API Keys

Learn how to authenticate with ObservEarth's APIs and manage your API keys securely.

Note: All API endpoints require authentication using an API key passed in the X-API-Key header.

Getting Your API Key

To use ObservEarth's APIs, you need an API key. Here's how to get one:

  1. Create an account: If you don't already have an account, sign up for ObservEarth.
  2. Choose a plan: Select a plan that meets your needs on our pricing page.
  3. Access your dashboard: After signing up or logging in, go to your dashboard.
  4. View API key: Your API key will be displayed in the API section of your dashboard.
Important: Keep your API key secure. Do not share it publicly or commit it to version control systems.

Using Your API Key

To authenticate your API requests, include your API key in the X-API-Key header of each request.

Example in Python
import requests

api_key = "your_api_key_here"
url = "https://observearth.com/api/geometry/"

headers = {
    "X-API-Key": api_key,
    "Content-Type": "application/json"
}

response = requests.get(url, headers=headers)
data = response.json()
print(data)
Example in JavaScript
const apiKey = "your_api_key_here";
const url = "https://observearth.com/api/geometry/";

fetch(url, {
    method: "GET",
    headers: {
        "X-API-Key": apiKey,
        "Content-Type": "application/json"
    }
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error("Error:", error));
Example with cURL
curl -X GET "https://observearth.com/api/geometry/" \
     -H "X-API-Key: your_api_key_here" \
     -H "Content-Type: application/json"

API Key Security Best Practices

Protecting your API key is crucial. Here are some best practices:

  • Environment variables: Store your API key in environment variables, not in your code. 
    # Python example using environment variables
import os
import requests

api_key = os.environ.get("OBSERVEARTH_API_KEY")
url = "https://observearth.com/api/geometry/"

headers = {
    "X-API-Key": api_key,
    "Content-Type": "application/json"
}

response = requests.get(url, headers=headers)
  • Backend proxy: For web applications, make API calls from your backend server, not directly from the client.
  • Restrict usage: Limit API key usage to specific IP addresses or domains when possible.
  • Regular rotation: Periodically rotate your API keys, especially if you suspect they may have been compromised.

Handling Authentication Errors

When authentication fails, you'll receive one of these HTTP status codes:

Status Code Description Solution
401 Unauthorized Missing API key Include the X-API-Key header in your request
403 Forbidden Invalid API key Check that your API key is correct
429 Too Many Requests Rate limit exceeded Implement backoff strategy or upgrade your plan
Example: Handling Authentication Errors
import requests

api_key = "your_api_key_here"
url = "https://observearth.com/api/geometry/"

headers = {
    "X-API-Key": api_key,
    "Content-Type": "application/json"
}

response = requests.get(url, headers=headers)

if response.status_code == 401:
    print("Error: Missing API key")
elif response.status_code == 403:
    print("Error: Invalid API key")
elif response.status_code == 429:
    retry_after = response.headers.get("Retry-After", "60")
    print(f"Rate limit exceeded. Try again in {retry_after} seconds")
elif response.status_code == 200:
    data = response.json()
    print(data)
else:
    print(f"Error: {response.status_code}")
    print(response.text)

Next Steps

Now that you understand authentication, you can: