Data API

About Exto Data API

Exto REST API enables seamless interaction between external applications and Exto’s platform. Through the API, external systems can securely access, retrieve, and update data stored within Exto.

The API follows RESTful principles and uses token-based authentication for secure access, ensuring data integrity and protection. Whether you're integrating with third-party services or building custom solutions, Exto’s API provides the flexibility to manage your data programmatically

Security

Exto takes security seriously, employing industry-standard protocols to safeguard your data. API access requires token-based authentication, ensuring that only authorised users can interact with your data.

Tokens are encrypted and expire after 180 days, reducing the risk of unauthorised access.

Additionally, all API requests are transmitted over HTTPS, ensuring data is encrypted in transit. To prevent abuse, the API enforces a rate limit of 3 requests per second, maintaining optimal performance and security for all users.

• Token based authentication

• is being revamped internally (Will be released in future)

Token generation

Admins have the ability to create new tokens by logging in as a site admin and generating tokens from the Customer Details page within the Exto Platform. This allows for easy token management, ensuring continued secure access when needed

Connecting Exto API through API Management (Azure Specific)

This Azure API Gateway page discusses how Exto REST APIs can be made available through Azure APIM

Sample Code

Below is an example of how to make an HTTP GET request to the Exto API using curl with a Bearer token for authentication.

1. curl Example

curl -X GET "https://platform.exto360.com/data/api/v1/health/readiness" \
     -H "Authorization: Bearer your_token_here" \
     -H "Content-Type: application/json"

2. Node.js Example (using axios)

const axios = require("axios");
const config = {
  method: "get",
  url: "https://api.exto.com/v1/your-endpoint",
  headers: {
    Authorization: "Bearer your_token_here",
    "Content-Type": "application/json",
  },
};
axios(config)
  .then((response) => {
    console.log(JSON.stringify(response.data));
  })
  .catch((error) => {
    console.error(error);
  });

In this example:

• Replace https://platform.exto360.com/data/api/v1/health/readiness with the actual API endpoint you're targeting.

• Replace your_token_here with the token generated from the Exto Platform.

This request retrieves data from the specified endpoint using the Bearer token for secure access.

Swagger