API Authentication

Securing Access with API Authentication

To access our APIs securely, a subscription key is required for authentication. Follow these steps to obtain and implement the necessary authentication key:

1. Obtain Subscription Key

Access our Developer Portal once you have been granted permission by Froda. Within the portal, you can generate a unique subscription key dedicated to your application.

2. Secure Storage in Backend

Safeguard the obtained subscription key by storing it securely within your backend infrastructure. Avoid exposing or using the key outside of the designated backend environment to minimize security risks.

3. Inclusion in Requests

To authenticate with our APIs, include the subscription key in the Ocp-Apim-Subscription-Key when performing a request.

curl --location 'https://partner-api.froda.se/lending/v1/organizations/' \
--header 'Ocp-Apim-Subscription-Key: {{Ocp-Apim-Subscription-Key}}'

Best Practices

Limited Exposure

Refrain from exposing the subscription key outside of the backend environment to prevent unauthorized access and potential security breaches.

Periodic Key Rotation

Consider preiodically rotating the key for added security. Generate new keys at regular intervals and update them in your backend to minimize the impact of potential key compromises.