Authentication

Authentication

Summary

The Everflow API is organized around REST and uses built-in HTTP features (Verbs, Error Codes, etc.)

The host for all requests is https://api.eflow.team/v1[1]. All requests must be made over HTTPS.

The JSON format is returned by all API responses, including errors.

[1]: A very small subset of Everflow accounts are hosted on EU servers only. For these accounts the host is `https://api-eu.eflow.team/v1`. Please speak to your account manager if you are unsure if this applies to you.

Making Requests

The Accept header is not required, though you can specify it using Accept : application/json

All requests must be authentified using your API Key (see Authentication section for more details). Requests made without authentication will fail.

Request Body

When submitting data to a resource via POST, PUT or PATCH, you must submit your payload in JSON.

{ "property" : "value" }

Authentication

All requests to the Everflow API must be authenticated using an API key.

To authenticate add a X-Eflow-API-Key header to your request that contains your API Key.

For example :

# Network API
curl -H "X-Eflow-API-Key: --your-api-key--" --url https://api.eflow.team/v1/networks

# Affiliate API
curl -H "X-Eflow-API-Key: --your-api-key--" --url https://api.eflow.team/v1/affiliates/affiliate

# Advertiser API
curl -H "X-Eflow-API-Key: --your-api-key--" --url https://api.eflow.team/v1/advertisers/advertiser

# Partner API
curl -H "X-Eflow-API-Key: --your-api-key--" --url https://api.eflow.team/v1/partners

Please note that using an API key for the wrong portal (e.g. using the Affiliate API key to access an Advertiser API endpoint) will result in a 403 error with the error message Out of realm.

API Keys

API Keys are generated directly in the Everflow UI.

Network API Keys

Network API keys are created from the “Security” section of the Control Center.

Security Console

Each key has its own set of permissions, independant of the user it is associated with :

API Key Permissions

Note that while the API key name and permissions can be modified after the creation, the API key itself will only be shown once upon its creation and never again. Make sure to keep it somewhere safe and revoke it immediately if you suspect it has been compromised.

Affiliate API Keys

Affiliate API keys are created and managed by the network users. Affiliate users cannot create keys themselves and must rely on a network user to create the key and hand it over. API keys are created under the “API” tab in the Manage Affiliate section :

Affiliate API Keys

Advertiser API Keys

Advertiser API keys are also created and managed by the network users. Advertiser users cannot create keys themselves and must rely on a network user to create the key and hand it over. API keys are created under the “API Keys” tab in the Managed Advertiser section :

Advertiser API Keys

Partner API Keys

Partner API keys do not exist by default and must be requested to your account manager.

When a key does exist, it will appear under the API tab of the My Account section :

Advertiser API Keys