The API tab is the interface where you can browse API credentials and functionalities, and define access restrictions.
API key and secret
The API tab opens up to the page where you can find the API key and secret to set up connections between your loyalty program and other integrated services (eg. newsletter providers).
The API secret is only accessible upon the generation of API credentials, then it is hidden from the Backoffice for security reasons. Make sure to copy and store it securely in case you may need it later.
Please note, that if you generate new API credentials, all of the existing connections will stop functioning, until the new credentials are entered.
API Browser
You can also find a link to the API browser on this page, where your developer can browse the available API methods.
Events - submit API events
Customers - access endpoints of the Customer API
The Debug tab provides the entire content of the requests and Antavo’s responses to failed API calls.
Read more in the API documentation.
IP Filter
Under the IP filter tab, you can define specific IP addresses that can access each API endpoint.
This tab is only available if the IP filter module has been enabled in the Backofficle. Please contact the Antavo Service Desk to help you activate the module.
Select the API endpoint from the dropdown list
Click the icon
Paste the IP address or IP range (with a CIRD number) that you’d like to authorize
Click the corresponding to add multiple addresses or ranges.
eg. if you add192.168.1.2
and192.168.0.3/24
, only the 192.168.1.2 and range of 192.168.0.[0-255] IP addresses will go through, otherwise the endpoint responds with a forbidden exceptionClick ‘Update’ to save your settings
You can remove filters using the button anytime.
Signature enforcement
The Signature enforcement tab is available ifthe API signature check module is enabled. Please contact the Antavo Service Desk if you want to start using this feature.
If signature enforcement is enabled for an API endpoint then requests with plain API keys are rejected with an authentication error, only the requests with proper signatures can be recorded.
Learn more on how to add signatures to your API requests here.
Use the checkboxes to enable signature enforcement for any of the available endpoints.
Display API
Customer API
Workflow Campaigns API
Entities API
FAQ API
Leaderboard API
Levels API (legacy endpoint)
Offers API
Rewards API
Coupons API
Events API
Don’t forget to click ‘Update’ before leaving the page to make your changes effective.