Skip to content

Authentication

The Agent Controller API uses API key-based authentication for secure access.

API Key Authentication

All API requests must include a valid network API key in the request headers.

Header Format

x-network-api-key: your-network-api-key

Where to Include the API Key

  • REST API: Include in the x-network-api-key header
  • WebSocket: Include as a query parameter network_api_key

Example REST Request

POST /api/v1/external/tasks
Content-Type: application/json
x-network-api-key: your-network-api-key

{
  "user_id": "user123"
}

Example WebSocket Connection

const ws = new WebSocket('wss://data-services.aui.io/api/ia-controller/api/v1/external/session?network_api_key=your-network-api-key');

Error Responses

Unauthorized (401)

{
  "status_code": 401,
  "errors": [
    "Unauthorized"
  ]
}

Causes: - Missing API key - Invalid API key - Expired API key

Forbidden (403)

{
  "status_code": 403,
  "errors": [
    "Forbidden"
  ]
}

Causes: - API key doesn't have access to the requested resource - Task doesn't belong to the authenticated network

Getting Your API Key

Contact your administrator to obtain a network API key. The API key is associated with a specific network and provides access to tasks and resources within that network.

Security Best Practices

  1. Keep your API key secure - Never expose it in client-side code or public repositories
  2. Use HTTPS - Always use secure connections for API requests
  3. Rotate keys regularly - Request new keys periodically for enhanced security
  4. Monitor usage - Keep track of API usage and report any suspicious activity