Guides
Login
Start typing to search…

Authentication

To make API requests to FastPix you need Access Tokens. These tokens serve as the gateway to the API, granting authorized access to various endpoints.


PLEASE NOTE

All API requests are authenticated with a valid Access Token and Secret Key.
You need to use these in the headers of your API requests.


Prerequisites

Just a valid account with FastPix. Click here to Sign Up.

Also note, to generate and manage access tokens you need have admin privileges. Members or regular users won’t have access to the access tokens settings page below.


Get your Access token ID and Secret Key

  • Login to your FastPix dashboard
  • Navigate to Org Settings > Access Tokens
  • Click on Generate new token

FastPix organization settings dashboard to create new access token

As a next step, a pop-up will appear with required inputs to create your new Access Token.

  • Add your Access Token name
  • Select the Workspace where you want to generate a new Access Token.
  • Give permissions as per the purpose of using the Access Token.
  • Next, click the Generate access token button

This action will generate your new Access Token ID and Secret Key.


Generating new access token in FastPix

PLEASE NOTE

To keep the Access Token information (Secret Key) for future use, download an workspace file (.env) that stores these details. FastPix doesn’t store the exact Secret Key.


It's important to note that FastPix only stores a secret hash, not the Secret Key itself. If the Secret Key is lost, FastPix cannot retrieve it, necessitating the creation of a new Access Token.

The Access Token ID and Secret Key you receive act like a key-pair, allowing you to access FastPix APIs that require basic authentication.

The Access Token ID serves as the username, while the Secret Key functions as the password.

  • Username: Access Token ID
  • Password: Secret Key

Example request with cURL

Here’s an example of authenticating a request using cURL:

curl -X POST 'https://v1.fastpix.io/on-demand'
   --user {Access Token ID}:{Secret Key} \
   -H 'Content-Type: application/json' \
   -d '{
   "inputs": [
      {
         "type": "video",
         "url": "https://static.fastpix.io/sample.mp4",
      }
   ],
   "accessPolicy": "public"
}'

PLEASE NOTE

You can handle the base64 encoding of the username and password in your server-side code, allowing the library to manage the header details.


Authenticating requests during integration

FastPix’s API endpoints require authentication via HTTP Basic Auth. Here’s how it works:

  • Base64 encoding: Concatenate the Access Token ID (username) and Secret Key (password) using a colon (“:”). Then base64 encode the resulting string.

  • Authorization header: The header value should start with “Basic” followed by a space and the base64 encoded result from previous step.

    The header value follows this format - Authorization: Basic base64(username:password)


Access token permissions

  • Read and write permissions:
    If you need to create and modify resources (e.g., media, direct uploads, live streams), ensure your Access Token has both read and write permissions.

  • Read-only permission:
    If your code primarily involves GET requests without creating resources, limit the Access Token to read-only permissions.

Selecting workspace for access token

Access tokens are workspace-specific. For example:

  • A development token is meant for testing and experimentation and is not valid for requests in a production workspace.
  • A production token is valid for live requests in a production environment and similarly can’t be used for a development workspace.

When generating an Access Token, ensure it aligns with your intended use case. Mixing up tokens could lead to unexpected results!



Revoke access token

In the unfortunate event of a leaked secret key (due to a security breach or accidental exposure), immediate action is necessary. Revoke the corresponding Access Token promptly. You can do this from the Org Settings page: Access Tokens. By revoking the token, you prevent unauthorized access and maintain the integrity of your FastPix account.


Revoke Access Token - FastPix

Admin privileges

Access to the access tokens settings page is restricted to administrators within the FastPix organization. Members or regular users won’t have access. Therefore, admins play a crucial role in managing tokens and ensuring their proper use.

Updated 8 days ago