Aware API Authentication

In order to use the Aware external API, you must have an API token. A token is used to identify the user making the request, and to ensure that the user is authorized to call the endpoint they are trying to use.

Acquiring an API Token

API tokens are managed in the Aware UI. To manage your tokens, navigate to System Settings > Integrations and scroll down to the API Tokens section. From there, you can:

• Create a new API token
• Copy an API token to your clipboard for making requests
• Delete an API token

Once you have a token, you can use it to call the endpoints documented on this site. However, note that you will need to have a key with the proper permissions in order to access a given endpoint.

Assigning Token Permissions

Permissions are visible alongside the tokens in the UI and describe what a key can do. Generally, permissions are split into two categories - Read-only and Full Access. The former will only ever allow you to view one or more resources (retrieving a single item, listing all items, and other similar actions), whereas the latter may allow for a user with the token to create, update, or even destroy resources.

Note:

• A Full Access permission will always contain all permissions of a corresponding Read-only policy. Assigning both permissions to a single key is permitted, but redundant.
• Permissions may grant access to resources that relate to the resource the permissions belong to
  • e.g. Data Holds Full Access grants access to ListPlatformsV1 because you must be able to supply a platform ID in order to create a data hold.
• Permissions assigned to a key cannot currently be modified. In order to adjust permissions, a new key will have to be created.
• Permissions for a key will be removed if it is deleted.
• Permission changes may not immediately take effect when a key is created or deleted, and may take several minutes to sync.

Data Holds Read-only

Grants access to:

• GetDataHoldV1
• ListDataHoldsV1
• ListPlatformsV1

Data Holds Full Access

Grants access to:

• All Data Holds Read-only permissions
• CreateDataHoldV1
• UpdateDataHoldV1

Platforms Read-only

Grants access to:

• ListPlatformsV1

Audit Logs Read-only

Grants access to:

• ListAuditLogsV1

Signal Events Read-only

Grants access to:

• ListSignalEventsV1

User Content Exports Read-only

Grants access to:

• GetUserContentExport
• QueryUserContentExports
• CreateUserContentExportDownloadUrl

User Content Exports Full Access

Grants access to:

• All User Content Exports Read-only permissions
• CreateUserContentExport