- Products ProductsLocation Services
Solve complex location problems from geofencing to custom routing
PlatformCloud environments for location-centric solution development, data exchange and visualization
Tracking & PositioningFast and accurate tracking and positioning of people and devices, indoors or outdoors
APIs & SDKsEasy to use, scaleable and flexible tools to get going quickly
Developer EcosystemsAccess Location Services on your favorite developer platform ecosystem
- Documentation DocumentationOverview OverviewServices ServicesApplications ApplicationsDevelopment Enablers Development EnablersContent ContentHERE Studio HERE StudioHERE Workspace HERE WorkspaceHERE Marketplace HERE MarketplacePlatform Foundation and Policy Documents Platform Foundation and Policy Documents
- Pricing
- Resources ResourcesTutorials TutorialsExamples ExamplesBlog & Release Announcements Blog & Release AnnouncementsChangelog ChangelogDeveloper Newsletter Developer NewsletterKnowledge Base Knowledge BaseFeature List Feature ListSupport Plans Support PlansSystem Status System StatusLocation Services Coverage Information Location Services Coverage InformationSample Map Data for Students Sample Map Data for Students
- Help
API keys
Note
This topic describes how to use API keys on the HERE platform. For instructions on using API keys on the HERE developer portal, see API keys.
HERE API keys provide simple and secure authentication of your application. Utilize the API key credentials key-rotation feature to ensure continued security of your application over time. This is done by creating a second API key for your application and deleting the original key when it is no longer required. You can use a maximum of two API keys at once for each application.
Note
If you have already created an app or you are working with an existing group app, skip Step 1: Register your app.
Step 1: Register your app
- If you don't already have a HERE account, see Get a HERE account.
- Sign in to the HERE platform.
- Open the Access Manager from the Launcher.
- On the Apps tab, click Register new app and provide the requested information.
- Click Register. The platform creates a new app with a unique app ID.
- On the Credentials tab, select API Keys and then click Create API key to generate a maximum of two API Keys for your application authentication credentials. The API key is created and displayed.
Note
Your application and associated authentication credentials are specific to your app and don't inherit your user permissions or group memberships. See Manage Apps.
Step 2: Get an API key
- Sign in to the HERE platform.
- Open the Access Manager from the Launcher.
- On the Apps tab, click the app you created in Step 1 or an existing app for which you want to generate an API key.
- On the Credentials tab, select API Keys then click Create API key. You can generate a maximum of two API Keys for your app. The API key is created and displayed.
Note
If you are using a previously created app and do not see the Credentials tab or it is greyed out, you may not have manager permissions for this app.
Step 3: Use the API key
To use the API key in a request, specify the key in the apiKey parameter in the request:
Example
https://geocode.search.hereapi.com/v1/geocode
?q=240+Washington+St.%2C+Boston
&limit=4
&apiKey={YOUR_API_KEY}
Trusted domains
API key credentials assurance
Trusted domains enable you to limit the use of your API Key credentials to the sites you specify. By default, any website can make requests to subscribed HERE services using your API Key. Add domains for each site that will make API calls with your API Key credentials. Each site you add must be a valid URI and include a domain name or IPv4 address. Any protocol (http/https) and port provided will also be used during validation.
Examples of acceptable entries
https://production.example.com:1080
example.com
93.184.216.34
http://www.example.com
Steps to configure trusted domains
- Sign in to the HERE platform.
- Open the Access Manager from the Launcher.
- On the Apps tab, click the app you created in Step 1 or an existing app for which you want to configure trusted domains.
- On the Trusted domains tab, specify and add up to 20 domains that you trust for your API Key credentials. If you need to specify more than 20 domains, please manage the list with the Platform CLI.
- After confirming your list of trusted domains, toggle "ENABLE TRUSTED DOMAINS" on.
Note
Enabling trusted domains when no domains are defined will prevent the app from being available.
Now any service configured to use the API Keys defined on the app will be limited to just the trusted domains you specified. Simply toggle "ENABLE TRUSTED DOMAINS" off to disable trusted domains.
Note
It may take up to 30 minutes for any configuration change to trusted domains to be in force. This means, for example, that tests performed within this timeframe may not return the expected results.
