Before calling the API, you first need to generate an API key and a JSON Web Token (JWT) on the API Keys page of the Elevio dashboard. The API key is used to identify and rate limit the customer account to which you belong, while the JWT is used to restrict the access for the resources you are trying to read and write. Make sure you keep the key and token secure at all times.

You can choose to create different key-token pairs for different purposes so that if one pair is compromised it does not affect the rest. You can also revoke any pair if it is compromised by deleting it from the said page.

Once you have generated the key and token, include the following headers in each API call

  • x-api-key: your API key
  • Authorization: Bearer [your JWT]