Skip to main content

Security

API Key based authentication

Monetization API endpoints are secured with an API Key
To get started you will first need an API Key
An API Key must be provided on each HTTPS request via X-InBrain-Api-Key header

info

To get your API Key, head over to Account Setup and setup your account.

Additional Security Notes

HMAC based authentication on links

Monetization API survey entry links and client redirect links are signed with a SHA256 hash key
Each partner has a dedicated unique Secret key that can be provided by an inBrain Account Representative
Secret key is used by both partner and inBrain to generate and/or verify the hash signature on the links
- Hash signature generation process is described in Hash signature section

HMAC based authentication on S2S callbacks

Monetization API uses the same S2S callback mechanism that is used across the entire inBrain product suite
Your Secret key as mentioned in the previous section is used by inBrain to sign the S2S callback request
See full S2S callbacks documentation for more details

API Key based authentication
Additional Security Notes
- HMAC based authentication on links
- HMAC based authentication on S2S callbacks