Table of Contents

Remote API Security Keys

Admin Page: Site Setup > Remote API Security Keys

These settings are used to connect and interact with your site, from "external" software. It allows software running on a different domain name, even on a different server altogether1), to interact with the Geo software remotely.

The security keys listed on this page will be different for every Geo installation you have. This page only displays information that you may need, in order to allow other software to connect to your site. There are not settings that can be changed on this page, just information.

For security reasons, never give out any of the API Security Keys to anyone that you do not trust, especially the "Master API Key".

Developers: take a look in the folder classes/api/_samples/ for sample client scripts that you can use, there is one for each API call with instructions in the file on how to use it.

Remote API URL

This is the URL used to make remote API calls.

Note: This URL is generated automatically by looking at your settings in other areas of the software. If you have Use SSL for Listing Process turned off, but your site is SSL capable by changing http to https, in the URL replace http: with https: when using the URL, as sensitive data can sometimes be sent during a remote API call.

Remote API Security Keys

This section lists all of the Remote API keys. There is one "master key" that can be used to run any Remote API call, and then there are individual keys for each individual remote API call, that will only work for that specific remote API call.

Master API Key

This is the master remote API key that can be used to run any of the remote API calls.

Keys to use specific API Calls

These keys can only be used for their specific API call. This level of security allows you to give out a "key" (or to give out a script that contains a key), that goes to one specific API call to do one specific thing, without worrying about granting access to allow doing anything else in the system that you might not want to allow.

Developer Documentation for Remote API

See Remote API

1)
Or even from the same server and domain name