Authentication

API Keys

What can I do with API Keys?

As of right now, this opens up access to our GraphQL API. Stay tuned to for more ways your API key can be used to integrate with third party services.

How do I enable Developer settings for my institution?

Developer settings are available to Institutions with a Pro level plan or greater.

From there, administrators and owners will be able to use their institution dashboard (accessible via top-left menu) to create keys.

How do I create an API access key?

API Keys are required to use the GraphQL API and other API Key related features can be created through the Developer API settings:

And within the Developer API section:

The institution's API key can be revoked, which will prevent future requests from accessing with that key.

If you would like a test / developer institution created for development, contact our support.

Authentication methods

Bearer token (Authorization headers)

Authentication is passed via bearer token. This is done via taking your institution's API key passing it in the Authorization HTTP Header in this format:

Authorization: Bearer <api_key>

Ways to pass authorization headers

• In browser, via an extension that modifies requests (e.g. Postman)

• Terminal usage: via curl(1) or wget(1) (see examples)

• Programmatically via network requests (see examples)

See also

• HTTP Headers > Authorization on MDN Web Docs

• Similar: Swagger's Bearer authentication method (archive.org)

• Similar: Postman docks on Bearer authentication (archive.org)

• Similar: RFC6750 / OAuth 2.0 Authorization Framework: Bearer Token Usage (archive.org)

Via session

You can access https://app.eduflow.com/api/graphql and Login as an institution owner / admin to access graphiql directly. To see this in action see the graphiql usage example.