Authentication

The Gift to Wallet API uses API Keys for authentication that are tied to a specific user account.
Restrictions to your user account also apply to the API key which means that if you have only access to certain templates, you’ll obviously only see these templates, even if your Customer account contains more. The API Key needs to be passed in the Authorization HTTP Header (see below for details).

Obtaining an API Key

To obtain an API Key, log in to Gift to Wallet and go to Integrations → API Keys (Direct link: https://veski.leikbreytir.is/api/doc ).

Click on the button to create a new API Key and enter a friendly name in the form that is shown now. The name will allow you to know what you’ve used the Key for.
After you click on “Create”, the system will show you the API key that has been generated. Due to the nature of how API Keys are stored this Key can’t be restored.

If you should ever lose your API Key, please generate a new one.

Using the API Key

To authenticate and authorize yourself when using the Gift to Wallet API, you need to pass the API Key in the Authorization Header of the HTTP request.

The syntax is like this:

Authorization: <your-api-key>

Best practice

We suggest to stick to a least privilege concept when creating API Keys. This means that if you are building an integration that should only have access to a certain pass-template, we suggest to create a service user (a separate login), that is restricted to just this template.
Create an API key for just that user instead of using one that has access to all data in your account.

Examples

The following are examples on how to set the Authorization header in a couple of different programming languages.

PHP

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "GET",
  CURLOPT_POSTFIELDS =>"{\n\t\"pushNotificationText\": \"This comes from the API!\"\n}",
  CURLOPT_HTTPHEADER => array(
    "Authorization: <your-api-key>",
    "Content-Type: application/json"
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

cURL

curl --location --request GET 'http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring' \
--header 'Authorization: <your-api-key>'

C

CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "GET");
  curl_easy_setopt(curl, CURLOPT_URL, "http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring");
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
  curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
  struct curl_slist *headers = NULL;
  headers = curl_slist_append(headers, "Authorization: <your-api-key>");
  headers = curl_slist_append(headers, "Content-Type: application/json");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
  const char *data = "{\n	\"pushNotificationText\": \"This comes from the API!\"\n}";
  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
  res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);

GO

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring"
  method := "GET"

  payload := strings.NewReader("{\n	\"pushNotificationText\": \"This comes from the API!\"\n}")

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("Authorization", "<your-api-key>")
  req.Header.Add("Content-Type", "application/json")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}

Node.js

var http = require('follow-redirects').http;
var fs = require('fs');

var options = {
  'method': 'GET',
  'hostname': 'veski.leikbreytir.is',
  'path': '/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring',
  'headers': {
    'Authorization': '<your-api-key>',
    'Content-Type': 'application/json'
  },
  'maxRedirects': 20
};

var req = http.request(options, function (res) {
  var chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function (chunk) {
    var body = Buffer.concat(chunks);
    console.log(body.toString());
  });

  res.on("error", function (error) {
    console.error(error);
  });
});

var postData = JSON.stringify({"pushNotificationText":"This comes from the API!"});

req.write(postData);

req.end();

Objective-C

#import <Foundation/Foundation.h>

dispatch_semaphore_t sema = dispatch_semaphore_create(0);

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@https://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring"]
  cachePolicy:NSURLRequestUseProtocolCachePolicy
  timeoutInterval:10.0];
NSDictionary *headers = @{
  @"Authorization": @"<your-api-key>",
  @"Content-Type": @"application/json"
};

[request setAllHTTPHeaderFields:headers];
NSData *postData = [[NSData alloc] initWithData:[@"{\n	\"pushNotificationText\": \"This comes from the API!\"\n}" dataUsingEncoding:NSUTF8StringEncoding]];
[request setHTTPBody:postData];

[request setHTTPMethod:@"GET"];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
  if (error) {
    NSLog(@"%@", error);
  } else {
    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
    NSError *parseError = nil;
    NSDictionary *responseDictionary = [NSJSONSerialization JSONObjectWithData:data options:0 error:&parseError];
    NSLog(@"%@",responseDictionary);
    dispatch_semaphore_signal(sema);
  }
}];
[dataTask resume];
dispatch_semaphore_wait(sema, DISPATCH_TIME_FOREVER);

Swift

import Foundation

var semaphore = DispatchSemaphore (value: 0)

let parameters = "{\n\t\"pushNotificationText\": \"This comes from the API!\"\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "https://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring")!,timeoutInterval: Double.infinity)
request.addValue("<your-api-key>", forHTTPHeaderField: "Authorization")
request.addValue("application/json", forHTTPHeaderField: "Content-Type")

request.httpMethod = "GET"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in 
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
  semaphore.signal()
}

task.resume()
semaphore.wait()

Ruby

require "uri"
require "net/http"

url = URI("http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Get.new(url)
request["Authorization"] = "<your-api-key>"
request["Content-Type"] = "application/json"
request.body = "{\n\t\"pushNotificationText\": \"This comes from the API!\"\n}"

response = http.request(request)
puts response.read_body

Python

import requests

url = "http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring"

payload = "{\n\t\"pushNotificationText\": \"This comes from the API!\"\n}"
headers = {
  'Authorization': '<your-api-key>',
  'Content-Type': 'application/json'
}

response = requests.request("GET", url, headers=headers, data = payload)

print(response.text.encode('utf8'))

Java (OkHttp)

OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
Request request = new Request.Builder()
  .url("http://veski.leikbreytir.is/api/pass/search/ab6427b6-26c9-4184-9e7b-7f2e4b2453ac/searchstring")
  .method("GET", null)
  .addHeader("Authorization", "<your-api-key>")
  .addHeader("Content-Type", "application/json")
  .build();
Response response = client.newCall(request).execute();