you’re looking to do multiple API calls, it isn’t convenient
to manually enter the API key string every time. This is
where the request header or cookie options come into
play.
Example 6-1 String-Based API Key ExampleClick here to view code image
GET /something?api_key=abcdef12345Request headers are frequently used when a user is
making multiple API calls and doesn’t want to keep
having to put the API key into each API individually. This
approach is typically seen in Postman and Python
scripts. The header must include the string or token in
the header of each API call. Example 6-2 shows the
request header option for API key authentication.
Example 6-2 Request Header API Key ExampleGET /something HTTP/1.1
X-API-Key: abcdef12345Finally, one of the most common methods for recurring
API calls is to use cookies. A cookie stores the API key
string and can be reused and stored over and over. This
is synonymous with a header. Example 6-3 shows an API
key cookie that uses the same key as the previous
examples.
Example 6-3 Cookie API Key ExampleClick here to view code image
GET /something HTTP/1.1
Cookie: X-API-KEY=abcdef12345Note