Last updated

API Access

Authentication Process

To authenticate with our APIs, each request must include an HTTP Header named X-Auth-Token, where you provide your token. This token acts as a key to identify and authorize your access to our systems.

curl --location 'https://test.fl3xx.com/api/external/aircraft/16076' --header 'X-Auth-Token: tBylYM9k-MY_SAMPLE_TOKEN'

Example Authenticated CURL Request

To configure Postman for API access:

  • Open Postman and create a new request.
  • Set the request type to GET and enter the URL https://test.fl3xx.com/api/external/aircraft/16076.
  • Go to the Headers tab and add a new header with the key X-Auth-Token and your token as the value.
  • Send the request to see the response.

API Authentication

🚦 Token Boundaries

Each API token provides access to one specified system instance (one operator). The token can be issued only by the consent of the given operator's system administrator.

  • Single Operator Access: Each token is tied to a single operator's system instance.
  • Multiple Applications: If you need to run multiple applications within one operator's instance, you'll need a separate token for each application.
  • Multiple Operators: To access data from multiple operators, you'll need a token for each operator.

πŸ” Token Access Rights

Each token is configured with predefined rights to access specific API endpoints and execute defined API methods. Token access rights are set up by FL3XX.

⚠️ Important

For the production environment: Each API token provides access to one specified system instance (one operator). The token can be issued only by the consent of the given operator's system administrator.

Best Practices

  • Secure Your Token: Never expose your API token in client-side code or public repositories.
  • Rate Limiting: Be mindful of rate limits and avoid making excessive requests in a short period.
  • Error Logging: Implement error logging to capture and analyze issues with API requests.