Getting started
How can I start developing with the company API?
Our API is available for registered account-holders of our platform. API Credentials will be provided upon account provisioning.
API Authentication
To use endpoints in our API, requests need to be sent with a valid Access Token. This token can be obtained via OAuth Client Credentials Flow. This Authentication Flow involves an application exchanging its API Credentials for an Access Token.
Consider the following example:
Obtaining an Access Token
Request:
curl --location --request POST 'https://auth.platform.satellogic.com/oauth/token' \
--header 'content-type: application/json' \
--data-raw '{
"client_id": "<API_CREDENTIAL_ID>",
"client_secret": "<API_CREDENTIAL_SECRET>",
"audience": "https://api.satellogic.com/",
"grant_type": "client_credentials"
}'
Once the Access Token is generated, it will be valid for 24hrs, and it needs to be sent in the request header under the authorizationToken
header, preceded by the Bearer
keyword, as shown in the example below.
Authenticating API Requests
Access Token Expiration
Access Tokens will expire in 24hrs and will need to be requested again. If an expired token is used, the API will reply with an unauthorized response.
Python example
import requests
import json
url = "https://auth.platform.satellogic.com/oauth/token"
payload = json.dumps({
"client_id": "<API_CREDENTIAL_ID>",
"client_secret": "<API_CREDENTIAL_SECRET>",
"audience": "https://api.satellogic.com/",
"grant_type": "client_credentials"
})
headers = {
'Content-Type': 'application/json'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
Deprecated Authentication Method
Deprecation notice
Important: We are introducing a new authentication server at https://auth.platform.satellogic.com/oauth/token
. The previous authentication server at https://login.satellogic.com/oauth/token
will be deprecated on November 30.
We are also discouraging the use of the legacy authentication method, which involves explicitly sending API Credentials in requests. This approach is deemed less secure, and we encourage all users to migrate their API Authentication to the OAuth Client Credentials Flow described above.
Effective November 30:
The previous authentication server will be deprecated. The key,secret authentication method will also be deprecated. All users relying on the deprecated authentication methods must generate new API Credentials in the Accounts Service Console in order to use the new authentication server.
Anatomy of an authorizationToken
Assuming tTcPujCyJTYxIPbdqfgL3gjKTZ39fLl3
is the API_CREDENTIAL_ID and D1xkJk0Eme8xvddBYoQpg33GJqcNwdpRQaoWNP0WYi96d44E0YwzWUb7D_S7L6X1
is the API_CREDENTIAL_SECRET
authorizationToken: Key,Secret tTcPujCyJTYxIPbdqfgL3gjKTZ39fLl3,D1xkJk0Eme8xvddBYoQpg33GJqcNwdpRQaoWNP0WYi96d44E0YwzWUb7D_S7L6X1