Publisert - 12.05.2026

Authentication

API Key

All API endpoints require authentication via an API key passed in the X-API-KEY HTTP header.

Request Format

curl -H "X-API-KEY: your-api-key" \
  https://api.example.com/api/v1/treatmentGroup

Obtaining a Key

API keys are issued manually by the Nompd team. Contact the team to request access.

Each consuming system should have its own unique API key to allow independent access management.

Error Responses

Missing API key:

HTTP/1.1 401 Unauthorized

{
  "error": "Invalid or missing API key."
}

Invalid API key:

HTTP/1.1 401 Unauthorized

{
  "error": "Invalid or missing API key."
}

Security Notes

  • Transmit API keys only over HTTPS.
  • Do not embed API keys in client-side code, URLs, or query parameters.
  • Store keys securely (environment variables, secrets managers).
  • If a key is compromised, contact the Nompd team to have it revoked and replaced.

Søk i Utviklerportalen

Søket er fullført!