Using the Find and Use an API service
- 1. Create an account
- 2. Register an application
- 3. Subscribe to an API
- 4. Get a subscription key
- 5. Redirect URLs
- 6. Call an API
1. Create an account
You will need to create an account with the Find and Use an API service to gain access to APIs and their subscription keys.
Go to create an account.
2. Register an application
You will need to register your application to help keep it and our data secure.
To register an application, sign in to your account, go to registering your application and follow the process.
When you register you will receive a unique client ID and a client ‘secret’ - a kind of password. You will need these to call DfE APIs.
3. Subscribe to an API
To integrate with a DfE API, you need to subscribe to the API. When you subscribe you will receive a subscription key that is unique to each client for the API. If you need to connect to more than one API, you must subscribe to each one.
To subscribe to an API:
- Register your application.
- View your application details (you can save these).
- Click on 'Subscribe to APIs'.
- Select the API you want to integrate with.
- Choose 'sandbox' (when you’re building and testing your software) or 'production' (when you know your software works properly).
4. Get a subscription key
It can take up to 3 working days to receive a subscription key. When we have agreed your subscription request, we will email you at the address you registered with.
To see the status of your request, go to API subscriptions, select the API and the status will be shown.
The statuses are:
- pending approval - you have made a subscription request and are waiting for us to approve it
- active - the subscription is ready for you to use - a primary and secondary subscription key will be displayed with the URL
- rejected - we have reviewed and rejected your subscription request - the reason will be displayed
- cancelled - you have cancelled the subscription request and we will not progress any further unless you make a new request
- suspended - the subscription request has been suspended - to unsuspend it, fill in the form in the 'Support' tab
5. Redirect URLs
When you first register an application, you must provide a redirect URL. You can add and edit up to 15 redirect URLs.
Redirect URLs send the user back to your application after successful (or unsuccessful) authorisation, before your application accesses user-restricted endpoints.
You must specify one redirect URL when you register your application and one when you send your user to our authorisation endpoint. You can add more redirect URLs later if you need to.
The redirect URL you use for authorisation in your call to the DfE authorisation endpoint must match one of those you specified when you registered your application. This will protect your application from phishing attacks.
6. Call an API
When you have subscribed to an API and received your subscription key, you’ll have everything you need to make an API call:
- The DfE API URL and endpoint.
- Your unique client ID and secret.
- Your unique API subscription key.
- registered redirect URL.
- OAuth 2.0 token endpoint (for an application-restricted endpoint).
- OAuth 2.0 authorisation URL (for a user-restricted endpoint).
If you need help making an API call, see our Tutorials.