“username” which contains your portal/API username, and “apiKey” which contains your API access key. If you don’t provide the authenticate header the API returns the [[exception]] “No valid authentication headers found.”, and if you provide an invalid username and apiKey combination the API returns the exception “Invalid API Token”.
A SOAP representation of the “authenticate” header looks like this:
There are two ways to generate an API access key, via the portal or by direct API calls. To generate your own API access key in the customer portal:
To generate an API access key via API calls invoke the [[SoftLayer_User_Customer::addApiAuthenticationKey|addApiAuthenticationKey]] method in the [[SoftLayer_User_Customer]] service. To remove a user’s API access key execute the [[SoftLayer_User_Customer::removeApiAuthenticationKey|removeApiAuthenticationKey]] method in the same service. Be careful when removing API access keys. Removing these keys will remove that user’s ability to use the SoftLayer API.
It is possible to get a short lived API key using a username/password combination with [[SoftLayer_User_Customer::getPortalLoginToken]]. This token can be used in place of an API key during calls and will expire after 48 hours.