Authentication

The Spexi API uses API key authentication. All requests require a valid API key included in the request header to ensure proper access control and usage tracking.

Creating an API Key

API keys are generated through your Spexi World account dashboard. Each key provides access to imagery collections based on your account permissions.

Access Account Settings

Log in to Spexi World
Navigate to the Settings page using the cog icon in the bottom-left sidebar navigation

Generate an API Key

Locate the API Keys section within Settings
Click Create New Key
Provide a descriptive name for your API key to distinguish it from other keys in your account
Click Create Key

Secure your API Key

After generation, your API key will be displayed once. Copy it immediately and store it securely - the complete key will not be displayed again.

Using Your API Key

Include your API key in the x-api-key header of every request:

x-api-key: YOUR_API_KEY

Example Request

curl -H "x-api-key: YOUR_API_KEY" \
  "https://world.spexi.com/developer-api/api/v1/image?p=-123.1216,49.2827,100"

Replace YOUR_API_KEY with your actual API key value.

Security Best Practices

Proper API key management is essential for maintaining account security and preventing unauthorized access.

Key Storage

Store API keys in environment variables or secure credential management systems
Never commit API keys to version control repositories
Avoid embedding keys directly in client-side code or public applications

Key Management

Use descriptive names to identify the purpose of each key
Rotate keys periodically to enhance security

Key Compromise

If an API key is compromised or accidentally exposed:

Return to the API Keys section in Settings
Delete the compromised key immediately
Generate a new replacement key
Update all applications using the previous key

Key Limitations

API keys inherit the access permissions of your Spexi World account. Available imagery collections and usage limits are determined by your account tier and geographic access rights.

Troubleshooting

Common Authentication Errors

401 Unauthorized: Indicates an invalid or missing API key

Verify the x-api-key header is included in your request
Confirm the key has not been deleted or deactivated
Check for extra spaces or characters in the key value

403 Forbidden: API key is valid but lacks permission for the requested resource

Verify your account has access to the specified collection
Contact support if you believe you should have access to the requested data

PreviousIntroduction NextImage API

Last updated 1 month ago

hashtagCreating an API Key

hashtagAccess Account Settings

hashtagGenerate an API Key

hashtagSecure your API Key

hashtagUsing Your API Key

hashtagExample Request

hashtagSecurity Best Practices

hashtagKey Storage

hashtagKey Management

hashtagKey Compromise

hashtagKey Limitations

hashtagTroubleshooting

hashtagCommon Authentication Errors