What type of security measures can be used with Vizion API?

There are a few ways to secure your connection to the data you are receiving from Vizion.

Header authentication
You may request that Vizion add a single static header key to headers for your updates specifically. Vizion will not rotate or update keys on a schedule but a request can be made if a change is required for any reason such as a key being compromised. We currently support the following header Authentication schemes:

  • Basic (Base64 encoding of ID and password joined by a single colon)

    Authorization: Basic ZGVtbzpwQDU1dzByZA==

  • Bearer

    Authorization: Bearer <token>

  • API Key (A case-insensitive name followed by a colon, then by its value)
    X-API-Key: <token>

To implement this, please sent the following information to support@vizionapi.com 1) type of authentication 2) a working curl example for your server and 3) the token that you would like us to use. If you want different ones for our production and demo environments, please specify which token is for which. Please note that this is implemented into our server and may not be released until our next server push.

OAuth2.0
This is our highest level of security and requires time for setup on both the Vizion and customer sides. Please inquire with your account manager or reach out to support@vizionapi.com to begin the process.

IP whitelisting
If your network is already set up to block unrecognized IP's you may have your network administrator whitelist the IP address from which Vizion will send updates to accept data from Vizion.

Append a query string to your callback URL
This allows you to easily add a value that you can validate from the URL each time Vizion returns an update to you.