Authentication

The Spexi APIs uses API key authentication with Bearer token authorization. All API requests require a valid API key to ensure proper access control and usage tracking.

Creating an API Key

API keys are generated through your Spexi World account dashboard. Each key provides access to imagery collections based on your account permissions.

1

Access Account Settings

  • Log in to Spexi World

  • Navigate to the Settings page using the cog icon in the bottom-left sidebar navigation

2

Generate an API Key

  • Locate the API Keys section within Settings

  • Click Create New Key

  • Provide a descriptive name for your API key to distinguish it from other keys in your account

  • Click Create Key

3

Secure your API Key

After generation, your API key will be displayed once. Copy the key immediately and store it securely, as the complete key will not be displayed again for security purposes.

Using Your API Key

Include your API key in the Authorization header of every API request using the Bearer token format:

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X GET "https://api-world.spexi.com/api/ogc/v1/collections" \
  -H "Authorization: Bearer YOUR_API_KEY"

Replace YOUR_API_KEY with your actual API key value.

Security Best Practices

Proper API key management is essential for maintaining account security and preventing unauthorized access.

Key Storage

  • Store API keys in environment variables or secure credential management systems

  • Never commit API keys to version control repositories

  • Avoid embedding keys directly in client-side code or public applications

Key Management

  • Use descriptive names to identify the purpose of each key

  • Rotate keys periodically to enhance security

Key Compromise

If an API key is compromised or accidentally exposed:

  1. Return to the API Keys section in Settings

  2. Delete the compromised key immediately

  3. Generate a new replacement key

  4. Update all applications using the previous key

Key Limitations

API keys inherit the access permissions of your Spexi World account. Available imagery collections and usage limits are determined by your account tier and geographic access rights.

Troubleshooting Authentication

Common Authentication Errors

401 Unauthorized: Indicates an invalid or missing API key

  • Verify the API key is correctly formatted in the Authorization header

  • Confirm the key has not been deleted or deactivated

  • Check for extra spaces or characters in the key value

403 Forbidden: API key is valid but lacks permission for the requested resource

  • Verify your account has access to the specified collection

  • Contact support if you believe you should have access to the requested data

Testing Authentication

Verify your API key is working correctly by making a request to the collections endpoint:

A successful response indicates proper authentication

PreviousQuick StartNextCore Concepts

Last updated