Authentication

This page contains some common questions and answers about using the authentication methods available for the Ideon API.

Which authentication methods are available for the Ideon Enrollments API?

• Basic Authentication

  • To authenticate, pass the API Key as Vericred-Api-Key in the headers of your API calls.

  • compact example

    • curl -H 'Vericred-Api-Key: YOUR_KEY' "https://enrollments.vericred.com/groups"

• Token-based Authentication

  • To authenticate, POST to /auth/token to fetch a token

  • Place this token in the optional header Authorization: Bearer {YOUR_TOKEN}.

    • example:

      • curl -H 'Vericred-Api-Key: YOUR_KEY' -X POST "https://enrollments.vericred.com/auth/token"

      • curl -H 'Authorization: Bearer {YOUR_TOKEN}' "https://enrollments.vericred.com/groups"

Do tokens expire? How long is a token 'active'?

• Tokens come with an expiration of 1 day, the exact date & time is returned in the response.

• Whether you should request a new JWT token with every API call hinges on your design approach.

• However, there is no issue with calling for a token each time or for every API call session.

• For instance, if you are sending over a new group with coverage periods, members, etc., you can request the token once if you are sending all the information simultaneously, or before batches of requests.

Do I need to use Token-based Authentication?

• Token based ("oauth") is preferred not yet required by any endpoints in the Ideon API

• Our basic authentication method is secure for use in your integration

For which API calls should I provide this header?

• You will be required to send this on each API call of each type.

• This is to ensure that the correct account is associated securely with the data.

Does Ideon's API have any limits on Requests sent?

• You might experience a brief 429 error if your operations exceed 1500 calls every 5 minutes

• Our preference is that customers try to limit to less than 1000 calls per minute