Authentication & Authorization

The Extension API establishes secure communication through an API key. This APl Key should be passed as a Bearer Token in the Authorization header of requests as shown in the following examples:

curl --request POST \
     --url https://{clientId} \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer dedfe8bc2c1448e7b2af7d1ad95a03c4'
var client = new RestClient("https://{clientId}");
var request = new RestRequest(Method.POST);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer dedfe8bc2c1448e7b2af7d1ad95a03c4");
IRestResponse response = client.Execute(request);
const options = {
  method: 'POST',
  headers: {
    Accept: 'application/json',
    'Authorization': 'Bearer dedfe8bc2c1448e7b2af7d1ad95a03c4'

fetch('https://{clientId}', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

Locating Your API Key

When an Extension API Key is Generated it is only ever shown once after being generated. Another key may need to be generated if a prior key was not saved in a secure place for future reference.



The DirectScale Platform has both Live and Stage environments. You have separate keys for these environments. The environment you get your key from is linked to that environment. A key for stage will not work for live and a key for live will not work for stage.

  • Each environment has it's own address, they can be delineated by the directscale section of the url.
    • Live - https://{clientId}
    • Stage - https://{clientId}