The security mechanisms can be grouped into three categories:

  1. Authetication and Authorization
  2. Confidentiality
  3. Integrity

 

1.  Authetication and Authorization

  • An API-Key is used to authenticate an application for authorized access to the API.

 

2. Confidentiality

  • A SSL encoded channel is required for the transmission (HTTPS). The encryption algorithm can be chosen by the client.

 

3. Integrity

  • All API access is saved in detail, see the description about logged data.