Hoover's API Version 3.4 - Security

Security

1. API Key

All users must provide their API Key in every call made to Hoover's API. This key is specific to an environment. Therefore, your Hoover's API Development key will not work for Production and vice versa. Make sure you are using the correct key/environment pair.

1.1 SOAP Services

The SOAP header element that contains the API Key is defined in the WSDL, and the provided sample code contains examples in Java Spring, .Net WCF, and PHP of how to use the API Key header.

 

1.2 REST Services

For REST service calls, the API Key should be passed in as an HTTP header element called "API-KEY" and the provided sample code contains examples in Java Spring, .Net WCF, and PHP of how to use the API Key header.

 

2. Logging In

2.1 SOAP Services

Users can provide a username and password in the SOAP header for every call made to SOAP calls in the Hoover's API to invoke authentication. This header is optional and should be used ONLY if authentication is required (a call will be documented as needing authentication). It is suggested that you use HTTPS for any call that involves a username and password.

The SOAP header element that contains the username and password is defined in the WSDL, and the provided sample code contains examples in Java Spring, .Net WCF, and PHP of how to use the username and password header.

2.2 REST Services

Users must provide a username and password in the HTTP header for every call made to REST calls in the Hoover's API to invoke authentication. This header is required. You should use HTTPS for any REST call

The HTTP header key/value that contains the username and password is provided in the sample code in Java Spring, .Net WCF, and PHP. The key for username should be "username" and the password should be "password".

2.3 Credentials for HooversAPI development environment

username: developmentHAPI
password: hoover5API