API Access for Users and Services

API Access Defined by Users and Permissions
  • Each user has an API Key that, when enabled, allows API access from a http client.
  • That user's permissions are applied when allowing the API request.
  • This allows for granular API permissions per-service
  • Token auth is restricted to access from KoalaBrain terminals only
Master API Key
  • The master API Key is set in your env file and grants TOTAL AND UNRESTRICTED ACCESS to the system. ¬†KoalaBrain online uses it to access your POS system. ¬†Do not share this key with anyone, and it is recommended it not be used for your API calls in favour of having a revokable API user with their own key.