← Back to Docs
Authentication
All smartObjx API calls require two HTTP headers for authentication. No OAuth, no bearer tokens — just two API keys on every request.
Required Headers
| Header | Purpose |
|---|---|
Ocp-Apim-Subscription-Key |
Identifies the subscriber (account owner). A subscriber may have multiple data owners within the account. This key stays the same across all API calls for your account. |
Ocp-Apim-POV-Key |
Identifies the data owner / Point of View (POV). Controls which data you see and can modify. Different POV keys show different data — this is how smartObjx enforces multi-tenant isolation. |
Data Owner Hierarchy
smartObjx organizes data owners in a three-level hierarchy:
Subscriber (account root)
└── Client (publisher's customer)
└── Customer (client's customer)
Each level has its own POV key. The system uses this hierarchy to determine which rules, settings, and structures apply — enabling overrides and versioning at each level.
How the hierarchy works
- Subscriber — the top-level account owner (SaaS publisher). Sees all data across all clients and customers.
- Client — a direct customer of the publisher. Can have their own rules, settings, and structures that override or extend the publisher's defaults.
- Customer — a customer of the client. Can have further overrides specific to their needs.
This hierarchy enables scenarios like: a SaaS publisher defines default business rules, a client overrides pricing rules for their market, and a customer gets further customization for their specific operations.
Example: cURL
curl -X GET "https://api.dev.smartobjx.com/settings-demo/application" \
-H "Ocp-Apim-Subscription-Key: fd8efd80-f215-4c73-95f2-23841e98acbd" \
-H "Ocp-Apim-POV-Key: 45ef2936-160e-47dc-bd17-3dc0060acec9"
Example: JavaScript fetch
const headers = {
'Content-Type': 'application/json',
'Ocp-Apim-Subscription-Key': 'your-subscription-key',
'Ocp-Apim-POV-Key': 'your-pov-key'
};
const response = await fetch('https://your-api-base-url/usecases', {
method: 'GET',
headers
});
const data = await response.json();
Example: C# HttpClient
var client = new HttpClient();
client.BaseAddress = new Uri("https://your-api-base-url");
client.DefaultRequestHeaders.Add("Ocp-Apim-Subscription-Key", "your-subscription-key");
client.DefaultRequestHeaders.Add("Ocp-Apim-POV-Key", "your-pov-key");
var response = await client.GetAsync("/usecases");
var json = await response.Content.ReadAsStringAsync();
Example: C# with smartConnectors SDK
var config = new ApiConfiguration();
config.BasePath = "https://your-api-base-url";
config.ApiKey.Add("Ocp-Apim-Subscription-Key", "your-subscription-key");
config.ApiKey.Add("Ocp-Apim-POV-Key", "your-pov-key");
var rulesApi = new RulesApi(config);
// All subsequent calls use these credentials automatically
Sandbox Credentials
Use these shared demo tokens to explore the APIs without signing up:
| Token | Value |
|---|---|
| Subscription Key | fd8efd80-f215-4c73-95f2-23841e98acbd |
| SaaS Publisher POV | 45ef2936-160e-47dc-bd17-3dc0060acec9 |
| Client POV | 25ef2936-160e-47dc-bd17-3dc0060acec9 |
| Customer POV | 05ef2936-160e-47dc-bd17-3dc0060acec9 |
Try different POV keys to see how the same API returns different data for different levels of the hierarchy.