Skip to content

Getting started

How can I start developing with the company API?

Our API is available for registered account-holders of our platform. API Credentials will be provided upon account provisioning.

API Authentication

To use endpoints in our API, requests need to be sent with a valid Access Token. This token can be obtained via OAuth Client Credentials Flow. This Authentication Flow involves an application exchanging its API Credentials for an Access Token.

Consider the following example:

Obtaining an Access Token

Request: 

curl --location --request POST 'https://auth.platform.satellogic.com/oauth/token' \
--header 'content-type: application/json' \
--data-raw '{
    "client_id": "<API_CREDENTIAL_ID>",
    "client_secret": "<API_CREDENTIAL_SECRET>",
    "audience": "https://api.satellogic.com/",
    "grant_type": "client_credentials"
}'
Response: 
{
    "access_token": "<ACCESS_TOKEN>",
    "scope": "api:tasking api:delivery",
    "expires_in": 86400,
    "token_type": "Bearer"
}

Once the Access Token is generated, it will be valid for 24hrs, and it needs to be sent in the request header under the authorizationToken header, preceded by the Bearer keyword, as shown in the example below.

Authenticating API Requests 
curl --location --request GET 'https://api.satellogic.com/tasking/tasks/' \
--header 'authorizationToken: Bearer <ACCESS_TOKEN>'

Access Token Expiration

Access Tokens will expire in 24hrs and will need to be requested again. If an expired token is used, the API will reply with an unauthorized response.

Python example

import requests
import json

url = "https://auth.platform.satellogic.com/oauth/token"

payload = json.dumps({
  "client_id": "<API_CREDENTIAL_ID>",
  "client_secret": "<API_CREDENTIAL_SECRET>",
  "audience": "https://api.satellogic.com/",
  "grant_type": "client_credentials"
})
headers = {
  'Content-Type': 'application/json'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)

Deprecated Authentication Method

Deprecation notice

Important: We are introducing a new authentication server at https://auth.platform.satellogic.com/oauth/token. The previous authentication server at https://login.satellogic.com/oauth/token will be deprecated on November 30.

We are also discouraging the use of the legacy authentication method, which involves explicitly sending API Credentials in requests. This approach is deemed less secure, and we encourage all users to migrate their API Authentication to the OAuth Client Credentials Flow described above.

Effective November 30:

The previous authentication server will be deprecated. The key,secret authentication method will also be deprecated. All users relying on the deprecated authentication methods must generate new API Credentials in the Accounts Service Console in order to use the new authentication server.

Anatomy of an authorizationToken

authorizationToken: Key,Secret <API_CREDENTIAL_ID>,<API_CREDENTIAL_SECRET>
Assuming tTcPujCyJTYxIPbdqfgL3gjKTZ39fLl3 is the API_CREDENTIAL_ID and D1xkJk0Eme8xvddBYoQpg33GJqcNwdpRQaoWNP0WYi96d44E0YwzWUb7D_S7L6X1 is the API_CREDENTIAL_SECRET

authorizationToken: Key,Secret tTcPujCyJTYxIPbdqfgL3gjKTZ39fLl3,D1xkJk0Eme8xvddBYoQpg33GJqcNwdpRQaoWNP0WYi96d44E0YwzWUb7D_S7L6X1
Last update: 2024-10-15