Getting started

Get Access to API

Authentication

Making your first request

Guides

Generate Doc X-Ray

Generate Bank X-Ray

Generate Financial X-Ray

Generate ESG X-Ray

Generate Manager X-Ray

Concepts

Overview

Request

Reports

Medium

Doc X-Ray

Bank X-Ray

Financial X-Ray

ESG X-Ray

Manager X-Ray

Resources

API versioning

Webhooks

Uploading a media

Authentication

Introduction

The Risk Assessment API uses API keys to authenticate requests.

In particular, authentication to the API is performed via the HTTP request headers.

In order to perform an authenticated API call, you must set the following three parameters in the header of your HTTP request:

• userId : ID of the user that is making the request
• sessionToken : API key
• October-Version : See current API version on API versioning page

In this page, we guide you through getting an October API key and making your first authentication request.

Getting API Keys

1. Sign in to your October account using our WebApp.
2. Click on the “Edit your profile” in the user menu, then “API token” section
   1. If you do not see the “API Token” section, please contact your October account manager.
3. Click on the “New token” button
4. Add a description for the token (e.g: “My API integration”) and confirm.
5. You will then see a Session Token, as well as your User ID.
6. Use those to communicate with the API

API Key for programmatic API calls

To perform an authenticated API call programmatically, you must set the following header information:

• userId: <YOUR-USER-ID>
• sessionToken: <YOUR-API-TOKEN>
• October-Version: <LATEST-OCTOBER-API-VERSION>

You will find bellow an example of http request using curl:

curl <https://api.lending.soprafinancing.io/requests>
  -H "October-Version: 2023-06-01"
  ****-H "userId: <YOUR-USER-ID>"
  -H "sessionToken: <YOUR-API-TOKEN>"

<aside> ❗ IMPORTANT All requests that are sent to October API should only be done using HTTPS. Indeed, all API calls that do not have the header structure shown above will be rejected with the HTTP error code: 401

</aside>

Well done! You should now be able to integrate with our API.

Keep API keys and User ID secure!

<aside> ❗ IMPORTANT The API key and userId provided to you carry your all the privileges given to you by October, so keep them secure! It is important that you do not share those informations in publicly accessible areas.

</aside>

← Previous

Getting Started: Get Access to API

Next →

Getting Started: Making your first request