Authentication

How it works

You must be a verified MRI OnLocation user to make API requests. This is an SSL-only API and is authenticated using API key authentication.

You can use either an authentication header or basic authentication.

Example header with API key

The authentication header contains the word APIKEY followed by a space and the API key in plaintext.

  curl -i -X POST \
    https://api.whosonlocation.com/v1/location \
    -H 'Content-Type: application/json' \
    -H 'Authorization: APIKEY abcdef1234567890' \

Basic authentication example

  curl -u abcdef1234567890: https://api.whosonlocation.com/v1/staff

Manage your keys in the API Management screen in OnLocation. API keys can be restricted to the following data:

  • Unrestricted
  • Locations/Access Points/Departments
  • Notifications
  • Certifications
  • Contractors
  • Staff (employees)
  • Visitors

Add an API key

You must have the Account Owner or IT Support user role to access to add an API key.

  1. Log in to OnLocation.
  2. Go to Tools > Account.
  3. Select API from the menu on the left.
  4. Click Add Key. Add API key button in OnLocation
  5. Select any access restrictions.
  6. Accept the Application Developer and API Agreement, then click Generate Key. Add API key pop-up window in OnLocation
  7. Click Close this Message.

To add another key, click Add Another on the API Management screen.

Remove a key

You must have the Account Owner or IT Support user role to add an API key.

  1. Log in to OnLocation.
  2. Go to Tools > Account.
  3. Select API from the menu on the left.
  4. Click Remove next to the API Key.
  5. Click Remove to confirm.