API Authentication

The API Authentication is implemented as HTTP Basic Authentication over HTTPS. Your API login credentials are not the same as the credentials that you use to login to the web interface. You must obtain your API credentials separately.

Obtaining your API credentials

You can find the API credentials in the Settings \ API Settings section of your OneAll Site. Each Site has it's own credentials; you can access the list of your Sites in the web interface.

New Site

If you haven't created any Sites yet, login to your client account, open the Sites panel and click on Add Site to get started.

Existing Site

To get the API credentials for an existing Site, login to your client account, open the Sites panel and click on the subdomain of a Site. The Public Key is the username and the Private Key is the password in the HTTP Basic Authenticated requests.

Authenticating with your API Credentials

You have to use HTTP Basic Authentication to confirm your identity via the API. All requests must come over SSL/HTTPS, and have to be sent to the Site Domain. The Site Domain is displayed in the API Settings panel in the Site settings of your OneAll account.

API Access

Authentication Examples

More examples are available in our Development Guides.

HTTP Basic Authentication with PHP/CURL

			//Your Site Settings
			$site_subdomain = 'REPLACE WITH YOUR SITE SUBDOMAIN';
			$site_public_key = 'REPLACE WITH YOUR SITE PUBLIC KEY';
			$site_private_key = 'REPLACE WITH YOUR SITE PRIVATE KEY';
			//API Access Domain
			$site_domain = $site_subdomain.'.api.oneall.com';
			//Connection Resource
			$resource_uri = 'https://'.$site_domain.'/connections.json';
			//Setup connection
			$curl = curl_init();
			curl_setopt($curl, CURLOPT_URL, $resource_uri);
			curl_setopt($curl, CURLOPT_HEADER, 0);
			curl_setopt($curl, CURLOPT_USERPWD, $site_public_key . ":" . $site_private_key);
			curl_setopt($curl, CURLOPT_TIMEOUT, 15);
			curl_setopt($curl, CURLOPT_VERBOSE, 0);
			curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
			curl_setopt($curl, CURLOPT_FAILONERROR, 0);
			//Send request
			$result_json = curl_exec($curl);

HTTP Basic Authentication with JAVA

		// Your Site Settings
		String site_subdomain = 'REPLACE WITH YOUR SITE SUBDOMAIN';
		String site_public_key = 'REPLACE WITH YOUR SITE PUBLIC KEY';
		String site_private_key = 'REPLACE WITH YOUR SITE PRIVATE KEY';
		// API Access Domain
		String site_domain = site_subdomain + '.api.oneall.com';

		// Connection Resource
		resource_uri = 'https://' + site_domain + '/connections.json';
	    // Result Container
		String result_json = "";

			// Forge authentication string username:password
			String site_authentication = site_public_key + ":" + site_private_key;
			String encoded_site_authentication = new String(new Base64().encode(site_authentication.getBytes())).replaceAll("[\n\r]", "");
			// Setup connection
			URL url = new URL (resource_uri);
			HttpURLConnection connection = (HttpURLConnection) url.openConnection();
			// Connect using basic auth
			connection.setRequestProperty("Authorization", "Basic " +  encoded_site_authentication);
			StringBuilder sb = new StringBuilder();
			String line = null;

			// Read result
			BufferedReader rd = new BufferedReader(new InputStreamReader(connection.getInputStream()));
			while ((line = rd.readLine()) != null) {
			result = sb.toString();

		catch (Exception e)

		// Done
		System.out.println (result);

User Contributed Notes