# API v3 authentication

Nearly all endpoints in the API v3 require authentication as an i3D.net customer.

Authentication occurs in the form of an API key that can be [generated and configured on the control panel](https://one.i3d.net/Account/API-Keys).

## API key

By clicking on the `Generate API key` button on the aforementioned control panel page, you create a new API key.

By default it has no IP whitelisting and no expiration date.

## IP Whitelisting

If you want to lock down usage of the API key to one or more IP addresses, or a range of IP addresses then you can fill in a start IP and end IP address for the API key.

<figure><img src="https://3255620342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTxqXHcEUC6lhXmjD6wE0%2Fuploads%2FxEc4tHlFEIV27Kk3oE5M%2Fdocs_odp_Platform-Overview_images_ApiKeyIpWhitelisting.png?alt=media&#x26;token=4082644b-e251-4aaf-80c3-a06ff8c74d98" alt=""><figcaption></figcaption></figure>

## Expiration

API keys can be set to expire at a certain date. To set this up, enter or select a date by clicking on the `API Key expidation date` field. The API key will expire when the indicated date has been reached.

<figure><img src="https://3255620342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTxqXHcEUC6lhXmjD6wE0%2Fuploads%2F4sS5yhXsBfqwnWXMlW8j%2Fdocs_odp_Platform-Overview_images_ApiKeyExpiration.png?alt=media&#x26;token=b52d7753-0858-4d11-abf0-0b54f2b7b5c9" alt=""><figcaption></figcaption></figure>

## API key usage

Authenticating your requests is done by adding a `PRIVATE-TOKEN` HTTP header containing your API key as the value:

| HTTP Header Name | HTTP Header Value |
| ---------------- | ----------------- |
| PRIVATE-TOKEN    | YOUR\_API\_KEY    |

Table 1: API v3 authentication header