IRP Shopper
Common Tasks (1)
Open
Interventions (1)
Open
Languages (1)
Open
Questions & Answers (1)
Open
Reviews (1)
Open
Site Scripts (1)
Open
Web Services (1)
Open
Training Videos
Peer Support

API - API Keys

You can find this section under Server Management > API Keys in the IRP Admin left navigation menu.

You use this section to enable API Request Handling, generate secure API Key-Shared Secret pairs to 'sign' and verify each message, and to ensure that only specific IP Addresses can send posts to the API Key. You can then make use of various methods within APIs such as the Baskets API which you use for adding items to baskets on Desktop, Trade and Mobile sites. For full details, see API - Getting Started.

APIKeys.aspx Page

The main APIKeys.aspx page appears as follows:

API Keys page

This shows the following details:

  • ID: This is the unique IRP ID of the API Key, generated automatically by the IRP system.
  • API Key: This shows the generated API Key.
  • IP Address Restricted?: This indicates whether or not the API Key will accept posts only from specific IP Addresses.
  • Number Of Permitted IP Addresses: This shows the number of IP Addresses that can send posts to the API (if any).
  • Date Added: This shows the date and time when the API Key was added using IRP Admin.
  • Edit: Click this button to make changes to an API Key. For details, see the How To Generate an API Key and Add IP Address Restrictions article later in this section.

At the top of the page you can use the following buttons:

  • Enable / Disable API Request Handling: This is the main switch for enabling and disabling the API functionality. While the API is disabled, you can still create and set up API Keys however no requests posted to the API will be handled. For more details, see the How To Generate an API Key and Add IP Address Restrictions article later in this section.
  • Generate New API Key: Click this button to automatically generate a new API Key and Shared Secret pair that is required to perform functions with the API. For more details, see the How To Generate an API Key and Add IP Address Restrictions article later in this section.

API Key Log

The Log tab on the APIKeyEdit.aspx page contains an audit trail of all actions that Admin Users have carried out for the API functionality.

Using the IRP API

For information about using the IRP API, see API - Getting Started.

How To Guides (1)

Close
Close
How To Generate an API Key and Add IP Address Restrictions

To enable API Request Handling and generate an API Key, proceed as follows:

  1. Go to Server Management > API Keys in the IRP Admin left navigation menu.
    If the API functionality is not currently being used, you will see the following message:
    API Not Enabled button
    (While the API is disabled, you can still create and set up API Keys (as described in the steps that follow), however no requests posted to the API will be handled.)
  2. Click the Enable API Request Handling button at the top of the page. The button will change from grey to green and the button text will change to 'Disable':
    Disable API Request Handling button
  3. Click the Generate New API Key button at the top of the page.
    You will be redirected to the APIKeyEdit.aspx page where you will be prompted to confirm your decision:
    Generate New API Key button
  4. Click Generate New API Key to continue (or, if you are editing an API Key, click the Update API Key button).
    This will automatically generate a new API Key and Shared Secret pair that is required to perform functions with the API:
    API Key and Shared Secret
    Note that if you are subsequently editing this API configuration, you will have to explicitly choose to show the Shared Secret:
    Show Shared Secret button
    (If you click the Show button, an audit entry will be added which you can view on the Log tab.)
  5. Ensure that the Active check box is ticked if you want to proceed to use the API.

Enabling JavaScript Access

You can allow an API Key to be called via JavaScript from an external domain and you have the option to restrict each key to a specific domain for JavaScript requests or leave them open to any domain. To do this, proceed as follows:

  1. Check the Enable JavaScript Access box.
  2. In the 'JavaScript Origin Domain' text box enter the appropriate domain name (this will be pre-filled with 'https://').
  3. Click the Update API Key button.

Adding IP Address Restrictions

If you do not need to ensure that only specific IP Addresses can send posts to the API Key, then you can leave the Restrict To Specific IP Addresses setting on the APIKeyEdit.aspx page set to the default value of No:

Restrict To Specific IP Addresses - No

Otherwise, proceed as follows:

  1. Click the Yes radio button for the Restrict To Specific IP Addresses setting:
    Restrict To Specific IP Addresses - Yes
  2. Enter the IP Addresses that are allowed to send posts to the API Key using the IP Address box. You can add multiple IP addresses at once, delimiting each with a comma. Note that every IP Addresses you enter must use the IPv4 format of 'x.x.x.x' where each 'x' is a number between 0 and 255. None of entries in the list will be saved if even one of the IP Addresses does not use the correct format.
  3. Click the Add button.
  4. Click the Update API Key button (the IP Addresses will not be saved until you click this button).
    The addresses will be shown in the Current IP Addresses section at the bottom of the page.
  5. Subsequently, if you want to delete an IP Address, select the IP Address(es) in the 'Current IP Addresses' box and click the Delete button.

Copyright © 2020 IRP Commerce. Use of this website constitutes acceptance of the IRP World Terms of Use, IRP Privacy Policy and IRP Cookie Policy

IRP Commerce Limited, Concourse 3, Catalyst, BT3 9DT, UK. Company Number: NI 041856. VAT Number: GB 888249658
A Deloitte Fast 50 Company seven times: 2010, 2011, 2012, 2013, 2014, 2018 & 2019