Authentication
All Solar Proof API requests require authentication using an API key. Learn how to generate, use, and secure your API key.
How Authentication Works
The Solar Proof API uses API keys to authenticate requests. Your API key acts as your unique identifier and grants access to your account data. Include your API key in every request as a query parameter.
Getting Your API Key
Follow these steps to generate your API key:
1 Log Into Solar Proof
Sign in to your Solar Proof account at solarproof.com.au
2 Navigate to Settings
Click on your profile icon in the top right corner and select "Settings" or "Account Settings" from the dropdown menu.
3 Find the API Section
Look for the "API Access" or "Developer" section in your account settings. This is where you'll manage your API keys.
4 Generate Your Key
Click "Generate API Key" or "Create New Key". Your unique API key will be displayed. Copy it immediately and store it securely.
Using Your API Key
Include your API key as a query parameter named api_key in all API requests:
https://solarproof.com.au/apidata.php?action=ACTION_NAME&api_key=YOUR_API_KEYExample Requests
curl "https://solarproof.com.au/apidata.php?action=getallcustomers&api_key=YOUR_API_KEY"curl -X POST "https://solarproof.com.au/apidata.php?action=createcustomer&api_key=YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"data": {
"customer_email": "john@example.com",
"customer_name": "John Doe"
}
}'const apiKey = 'YOUR_API_KEY';
const action = 'getallcustomers';
fetch(`https://solarproof.com.au/apidata.php?action=${action}&api_key=${apiKey}`)
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));Authentication Errors
If authentication fails, you'll receive an error response. Here are common authentication errors:
| Error | Cause | Solution |
|---|---|---|
Invalid API key |
The API key provided doesn't exist or has been revoked | Verify your API key is correct. Generate a new key if needed |
Missing API key |
No API key was provided in the request | Add api_key=YOUR_KEY to the query string |
API key expired |
Your API key has expired (if expiration is enabled) | Generate a new API key in your account settings |
Unauthorized access |
API key doesn't have permission for this resource | Check your account permissions or contact support |
Security Best Practices
Keep Your API Key Secret
Never share your API key publicly, commit it to version control, or expose it in client-side code. Use environment variables to store API keys.
Use Server-Side Code Only
Make API calls from your server, not from client-side JavaScript in the browser. This prevents exposing your API key to end users.
Use HTTPS Always
Always use HTTPS when making API requests to ensure your API key is encrypted during transmission.
Rotate Keys Regularly
Periodically generate new API keys and update your applications. This limits the impact if a key is compromised.
Monitor API Usage
Regularly review your API usage logs in your Solar Proof account to detect any unauthorized access or suspicious activity.
Revoke Compromised Keys
If you suspect your API key has been compromised, immediately revoke it in your account settings and generate a new one.
Using Environment Variables
Store your API key in environment variables rather than hardcoding it in your application:
Node.js / JavaScript
SOLARPROOF_API_KEY=your_api_key_hererequire('dotenv').config();
const apiKey = process.env.SOLARPROOF_API_KEY;Python
from dotenv import load_dotenv
import os
load_dotenv()
api_key = os.getenv('SOLARPROOF_API_KEY')PHP
<?php
$api_key = getenv('SOLARPROOF_API_KEY');
?>- Never commit API keys to Git repositories
- Add
.envto your.gitignorefile - Use different API keys for development and production
- Document API key setup in your project's README