1. Home
  2. Docs
  3. Developer Hub
  4. Documentation
  5. Authentication


The Senstate API’s use API keys or bearer token to authenticate requests. You can view and manage your API keys from the Senstate.Cloud device permissions section. In some cases, when a device is marked as Open Data Device, then you can access its data without authentication (API Key).

Open Data

All devices marked as “Open Data Enabled” from the user have their data publicly accessible on all Senstate API’s. You can access the data without API key or other type of authentication. Even though, there are some limits:

Limited requests: not authenticated requests are limited to 30 requests per minute per IP address. If requests exceed the limit, the IP address will be blocked for 10 minutes.

Limited historical data: not authenticated requests have limited access to the history data of the device. Depending on the time frame requested, usually one time frame of history data is allowed to be accessed. For example, for the weekly data – 7 days of hourly records, for the monthly – 30 days of daily records and so on.

API Keys

API keys are used for authentication on a device basis. For example, each device owner can create API keys for his device. The one who owns the API key can access this device data though the API’s.

API keys are created from the Permission page of a Device in the Cloud platform. Only the owner of the device, an Administrator or a custom role with Manage API Keys permission enabled can create keys.

API key should be present as header with name accessKey during the request.


headers = {'accessKey': 'YOUR_ACCESS_KEY'}


OAuth 2.0

OAuth 2.0 framework is used for a user level authentication. It has higher permissions to access all services, not only the Open Data API’s. Bearer / JWT token should be provided for side-wide authentication across services.

OAuth 2.0 authentication is currently in test mode and will be included in v.2 of the API’s.

Was this article helpful to you? Yes No

How can we help?