# API Key and Secret ## **Overview** We'll explore the essentials of API Key and API Secret in Gallabox, detailing their functions and how they synergize. Prefer watching than reading? Watch the video below: {% embed url="" %} Read the guide below: ### What is an API Key? An API key is a unique identifier that grants access to specific functionalities or services offered through its API. Think of it as a digital passkey, enabling developers to unlock the doors to Gallabox's API and integrate its services into their applications securely. ### Understanding API Secrets An API secret is another form of authentication, but unlike an API key, it is typically kept confidential and known only to the application and the service provider. They function as secret credentials, ensuring the identity verification of the application when interacting with Gallabox's API. ### How They Work Together? API keys and secrets work hand in hand to authenticate and authorize access to Gallabox's API. Here's how they collaborate: 1. **Access Acquisition**: Create both an API key and secret in your Gallabox account. 2. **Authentication Protocol**: When the third party application communicates with Gallabox's API, it presents the API key in its requests, identifying itself. Gallabox then verifies this key to authenticate the application. 3. **Secured Communication**: Alongside the API key, the application includes the API secret, ensuring secure transmission. Gallabox utilizes this secret to authenticate the application, ensuring that only authorized parties can access the API. 4. **Authorization Verification**: Gallabox checks if the API key and secret combination has the necessary permissions to execute the requested actions. If authorized, Gallabox's API responds accordingly, allowing the application to utilize the desired functionality. ## Video Guide {% embed url="" %} ## Create an API Key in Gallabox ### Add New Under API Keys Go to **Settings** in the navigation panel and select **API keys**. Click on **+ Add new**.
### Naming and providing permission Provide a name to the **API** and select the permissions (All, Restricted, or Read only) for the API. Click on **Add API Key**.
### API Secret The API Secret will be generated and you have to copy and paste it somewhere safe. You will find the **API Key ID** on the API Keys tab. {% hint style="warning" %} It's crucial to safely store your API Secret immediately as it's not retrievable after the initial display. Always access your API Key ID from the API Keys tab for future references. {% endhint %}
In conclusion, an API Key and API Secret are crucial components for securing your interactions with Gallabox's services. You can easily create an API Key in Gallabox by navigating to the API Keys tab, ensuring your API integrations are both robust --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.gallabox.com/developer-resources/api-key-and-secret.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.