If API keys are required for use with BLADE requests then each use of a BLADE URL will require an API key value to be used. This feature needs to be enabled as described here: https://bannisterlake.atlassian.net/wiki/spaces/ST/pages/2881716241 .

API Key in the URL

You can send the api key value with each BLADE url request by simply adding it as an additional parameter to the request. The API key in the URL is used if given. The header is only checked if the key in the URL doesn’t exist or is blank.

Parameter name: api_key.
The parameter name is not case-sensitive but the key value itself is

URL Example:

API Key in the Header

If the API key is not included in the URL parameters or the key does not exist then the Headers of the request are checked next. It looks for a header with the name: API-Key

The header name is not case sensitive but the API key value is case sensitive.

Response Status Codes

The following are the expected status codes from a BLADE request when API keys are enforced.

• 200 - OK - is the normal response if the API key is valid

• 403 - Forbidden - if the API key is not valid / not found

• 429 - Too Many Requests - if the API key is valid but is being rate limited

Response Headers

It will add the following headers to each response that require an API with rate limits:

• RateLimit-Limit - the number of requests per time window

• RateLimit-Remaining - the number of requests still available in the current time window

• RateLimit-Reset - the number of seconds before the current time window is reset

• Retry-After - only used if the rate limit is exceeded

  • the number of seconds before the current time window is reset