Generating and Using an Authorization Key for Ripple’s API
To use Ripple’s cURL API, you must authenticate your identity using an Authorization Key. This key is an encrypted version of your username and password, ensuring secure API access while protecting sensitive credentials.
✅ You must be a Site Admin or Site Manager.
✅ You must have access to the study where data is being imported or exported.
Why is an Authorization Key Required?
📌 The Authorization Key verifies that you have the correct permissions to perform API actions.
📌 It prevents plain-text exposure of your username and password in API commands.
📌 The Authorization Key is unique to your Ripple credentials and can be decoded, so it must be kept secure.
⚠ Important: Never share your Authorization Key, as it can be decoded to reveal your login credentials.
How to Create Your Authorization Key
Follow these steps to generate your Authorization Key:
Step 1: Encode Your Credentials
1️⃣ Go to Base64 Encode.
2️⃣ Ensure the site is set to "Encode" mode.
3️⃣ In the top input box, enter your Ripple credentials using this format:
4️⃣ Click the "Encode" button(red).
Step 2: Copy Your Authorization Key
📌 After encoding, a Base64 string will appear in the output box.
📌 Copy this string (green) and store it securely.
Step 3: Use the Authorization Key in Your cURL Command
Replace YOUR_AUTH_KEY in the cURL command with your Base64-encoded Authorization Key.
Example: Exporting Data Using an Authorization Key
"https://your-ripple-instance.com/api/export""Authorization: Basic YOUR_AUTH_KEY""exportType=registry""file=@/Users/yourname/Desktop/export.csv"
Security Best Practices for Authorization Keys
✔ Do not share your Authorization Key with others.
✔ Store your key securely and avoid saving it in unencrypted files.
✔ Rotate your Authorization Key regularly by regenerating it if needed.
✔ Use secure connections (SSL/TLS) when making API requests.