Traffic TPEG API Developer's Guide

Get started

This section outlines how to quickly get started using the Traffic TPEG API on the HERE platform.
  1. Get a HERE account
  2. Create a project
  3. Configure your project
  4. Send a request
  5. Retrieve traffic information

Get a HERE account

If your organization has signed up for HERE Workspace or HERE Marketplace, contact your organization admin who can invite you to join the HERE platform organization established for your company. You can also request a free trial of the HERE platform if your company does not have an organization established for it. For more information, see the HERE platform pricing.

Create a project

To create a project, follow these steps:
  1. Sign in to the HERE platform using your HERE account.
  2. Open the Projects Manager from the launcher.
  3. Click Create new project.
  4. Enter a name for the project. Project names don't have to be unique.
  5. Enter a project ID. Project IDs must be unique within an organization and cannot be changed for the lifetime of the organization. Project IDs must be between 4 and 16 characters in length.
  6. Enter an optional description.
  7. Click Save.

Configure your project

To configure your project, which involves linking the Traffic TPEG API services you want to use, adding an app to the project, and generating credentials for the app, follow these steps:
  1. On the Resources tab, select Services and then click Link a Service.
  2. Search for Matrix Routing service(s) and click Link.
  3. Click Done.
  4. Select the Access and permissions tab and click Grant access.
  5. Under New app, select Create.
  6. Provide an app name and click Register. The platform creates a new app with a unique app ID.
  7. On the Credentials tab, select API Keys and then click Create API key to generate a maximum of two API Keys for your application authentication credentials. The API key is created and displayed.

Send a request

Before retrieving any traffic information, send the following XML body as an HTTP post request containing an HTTP Content-Type header of application/xml to the initsession resource:

<?xml version="1.0" encoding="UTF-8"?>
  <tpeg format="TPEGBinary" messagesize="50000" sessionsize="1000" >
    <loc-ref id="TMC" version="1.3" />
    <loc-ref id="ETL" version="1.0" />
    <loc-ref id="OLR" version="1.0"/>
    <app id="TEC" version="3.2" />
    <app id="TFP" version="1.0" expiration="17" />
  <countries current="DE" destination="FR" />
    <att name="radius" value="10" />
    <att name="expiration" value="600" />
    <att name="timeout" value="300" />
    <att name="frequency" value="180" />
Note: Depending on your authentication method, you either need to add an Authorization header with a Bearer token or query parameters. For the available authentication options, see the Identity & Access Management Developer Guide.

The XML response contains the URL and encryption key for traffic information requests. The following is an example response:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <config name="fcd" value="enabled"/>

Retrieve traffic information

After sending an initsession request, send an HTTP post request with an HTTP header Content-Type of application/octet-stream for traffic information to the URL in the response. The following example requests traffic information around a single point:

<?xml version="1.0" encoding="UTF-8" ?>
    <loc lat="52.55121" lon="13.16565"/>    

Next, encrypt and compress all traffic information requests by following these steps:
  1. Compress the XML body using Gzip.
  2. Calculate the length in bytes of the Gzip file.
  3. Pre-append the length of the Gzip data to the compressed body as a little endian 32 bit integer.
  4. Pad the combination of Gzip content and length with zeros to make it evenly divisible by 16 bytes.
  5. Using AES 128, encrypt the resultant padded combination of content and length as follows:
    1. Create a random integer 16 bytes long.
    2. AES encrypt the result of step 4, in mode CBC using the integer generated in step 5.a as the initialization vector and the key from the InitSession response. Do not apply additional padding.
  6. Send the resulting block of AES encrypted data as an HTTP POST request, pre-appended by the integer generated in step 5.a as content type application/octet-stream to the URL in the initsession response.
Figure 1. Encryption Procedure
Decrypt the response by reversing the encryption procedure by following these steps:
  1. Extract the first 16 bytes of the response.
  2. Decrypt the remainder of the response with AES, using the session key from step 1.
  3. Extract the length of the Gzip content from the first four bytes of the decrypted data.
  4. Expand the Gzip content into TPEGBinary format.
Figure 2. Decryption Procedure