What are API Access Keys?
API Access Keys are used for managing security role access to services on hook.io.
A common use-case would be creating an API Access Key with the role
hook::logs::read to securely read the logs of your Private Services.
Another use-case would be creating an API Access Key with the role of
hook::run to allow a third-party client to run a private hook service hosted on hook.io. This private service would only accessible to clients who can provide a the generated access key which has the role
Using API Access Keys
Using an API Access Key with hook.io is easy!
All you have to do is supply the generated
hook_private_key variable as a HTTP request parameter ( GET Query Parameter / POST Form Data / JSON RPC / HTTP Request Header / etc ) and that HTTP client request will be granted the roles associated with that
What are Roles?
Roles are unique identifiers representing granular access to the hook.io API. Every API method on hook.io has a unique Role name.
When creating a new access key, you must specify a set of roles associated with that key. These roles determine what the new access key has permission to do.
Role checks are used to determine if an incoming HTTP request has authorization to access the requested resource. This is useful when using Private Services or when accessing the hook.io API from a third-party client.
A full listing of security access roles is available at /roles