API Key

All API methods with a few exceptions take a header parameter "api-key" to allow user authentication. A valid value of the "api-key" can be obtained by calling the API method POST "/auth/loginPlainText" or POST "/auth/login". If you call POST "/auth/loginPlainText" the response string itself can be used as the "api-key". If you call POST "/auth/login" the "result" property of the response object can be used as the "api-key".

If you are making API calls via the MM REST API SDK Documentation (or REST API UI), you only need to login once by providing the username and password and clicking on the Login button in the upper right corner. The MM REST API UI will inject the "api-key" header in all subsequent calls.

An "api-key" will become invalid after a "/auth/logout" call is made, the Login timeout is reached, or the Logout button in the upper right corner of the MM REST API UI is clicked.

Note that we renamed the header parameter from "api_key" to "api-key" in MM 11.1.0.