Home
Get Started
API Usage Guides
Use Cases
Developer Tools
Integrations
Community
API ExplorerAPI Reference
Usage Guides

Whisper API Authentication

This guide covers how to authenticate your requests to the Whisper API. All API endpoints are secured and require a valid API key to access.

The Whisper API uses Bearer Token authentication for all requests. This means you must include your secret API key in an Authorization header with every API call you make.

Header Format

To authenticate, you need to format the Authorization header as follows:

Authorization: Bearer {YOUR_API_KEY}

Replace {YOUR_API_KEY} with the secret token you received from Whisper Security.

Example with cURL

Here is a basic example of an authenticated request using cURL, which is the foundation for all our SDKs.

curl -X GET "https://api.whisper.security/intelligence/v1/ip/8.8.8.8" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json"

SDK Configuration Examples

Our SDKs handle authentication for you. You just need to provide your token during initialization.

TypeScript / Node.js

Provide your token in the Configuration object. For added security, you can use an async function to fetch the token from a secure source on demand.

import { Configuration } from 'whisper-api-sdk';

// Provide the token directly
const config = new Configuration({
    accessToken: 'your-bearer-token-here'
});

// Or, provide the token dynamically
const dynamicConfig = new Configuration({
    accessToken: async () => await getTokenFromSecureStorage()
});

Python

Set the access_token when creating the Configuration object. It's highly recommended to load this from an environment variable.

import noctis_frontgraph_sdk
import os

configuration = noctis_frontgraph_sdk.Configuration(
    access_token = os.environ["BEARER_TOKEN"]
)

C# / .NET

When configuring dependency injection, set the Authorization header on the HttpClient.

builder.Services.AddApi(config =>
{
    config.AddApiHttpClients(client =>
    {
        client.BaseAddress = new Uri("https://api.whisper.security");
        client.DefaultRequestHeaders.Authorization =
            new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", "YOUR_API_TOKEN");
    });
});

Java

Get the HttpBearerAuth authentication object from the client and set your token.

ApiClient defaultClient = Configuration.getDefaultApiClient();

// Configure Bearer Token authentication
HttpBearerAuth bearerAuth = (HttpBearerAuth) defaultClient.getAuthentication("bearerAuth");
bearerAuth.setBearerToken("YOUR_BEARER_TOKEN");

Security Best Practices

Protecting your API key is crucial for securing your account.

  • Never hardcode your API key in source code. Use environment variables or a secure secret management system.
  • Never expose your key in client-side code like frontend JavaScript.
  • Use HTTPS for all API requests to ensure your key is transmitted securely.
  • Rotate your API keys regularly as a security precaution.