Security
This section covers the security measures implemented by the Algbra Labs API platform to protect partner data, including encryption, authentication, and access controls.
At Algbra, we prioritize security, and therefore, accessing our API via HTTPS is mandatory in all environments. Additionally, production access to our API is restricted to IP addresses that are white-listed. We will manage the white-listing process for you during onboarding.
To ensure that only authorized users can access the API, we require you to prove your identity before granting access. We use HMAC authentication on all environments, which involves calculating a signature based on certain message contents and including it in the Authorization
header of your requests. We'll provide you a unique keyid (token) and a secret value, you will then calculate HMAC signature per request.
Please refer to Authentication section for more details.
Please note that our platform would assume operations approved from your organisation for all the requests signed by keys and secrets. The sandbox environment keys may have time limits, typically for a month for experimental purposes. If you require an extension, please contact us.
Last updated