# API Documentation ## Bearer Token & API Key Generation **Bearer authentication** (also called **token authentication**) is an HTTP **authentication** scheme that involves security **tokens** called **bearer tokens**. GoGovSG uses bearer authentication. To generate the token, click on "API Integration" in the navigation bar. From there, click on `Generate API key` and copy the token. Use this key to start using GoGovSG's API.
{% hint style="info" %} **Keep the bearer token** **safe:** You should not share the bearer token with anyone. Use services like 1Password to store it. {% endhint %} ## Authentication GoGovSG's API uses APIKey for authentication. User can view and manage API Keys in Go API Dashboard. Staging secret keys will have `test_v1_`version prefix. Production secret keys will have `live_v1_`version prefix. Authentication to the API is performed via bearer auth. ```powershell curl --location --request POST 'https://go.gov.sg/api/v1/urls' \ --header 'Authorization: Bearer live_v1_YOUR_API_KEY' ``` All API requests must be made over HTTPS. Calls made over plain HTTP will fail and requests without authentication will also fail. ## Errors Go API uses conventional API Error to indicate the success or failure of an API request. | Status Codes | Description | | ---------------------------------- | ------------------------------------------------------------------------------------------------ | | 200 - OK | Everything worked as expected. | | 400 - Bad Request | The request was unacceptable, often due to missing a required parameter. | | 401 - Unauthorized | No valid API key provided. | | 402 - Request Failed | The parameters were valid but the request failed. | | 404 - Not Found | The requested resource doesn't exist. | | 429 - Too Many Requests | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests. | | 500, 502, 503, 504 - Server Errors | Something went wrong on GoGovSG's API end. | ```json { "message": "Unauthorized" } ``` ## Rate Limits GoGovSG supports a default rate limit of 5 requests per second for each user. If you require higher rate limits, please write to us at with more details. If you have exceeded your rate limit, your incoming requests will be blocked for 10 seconds as a cooling off period. We recommend throttling your requests and implementing exponential backoff for retries to ensure that your requests can be accepted. ## Endpoints | Environment | Endpoint | | ----------- | ------------------------------------------------------------ | | Production | [https://go.gov.sg/api/](https://go.gov.sg/) | | Staging | [https://staging.go.gov.sg/api/](https://staging.go.gov.sg/) | ## Get Urls ```jsx GET /v1/urls?... ``` **Request Query Parameters:**
ParameterTypeDefault valueRequired?
limitnumber1000No, optional
offsetnumber0No, optional
searchTextstringnilNo, optional
stateenum (”ACTIVE”, “INACTIVE”)nilNo, optional
orderByenum (”createdAt”, “clicks”)createdAtNo, optional
sortDirectionenum (”desc”, “asc”)descNo, optional
isFilebooleannilNo, optional
Note: Max values for `limit` = 1000 **Returns**: ```json { "urls": [ { "shortUrl": "197abc", "longUrl": "https://link.com", "state": "ACTIVE", "clicks": 0, "createdAt": "2022-09-19T03:31:00.131Z", "updatedAt": "2022-09-19T03:31:00.131Z" } ], "count": 1 } ``` **Explanation of fields returned:**
Field ReturnedWhat it meansExample
shortUrlShort link nameagsubmit

(ie. full URL will look like https://go.gov.sg/agsubmit)
longUrlOriginal linkhttps://google.com
stateWhether short link is active or inactive"ACTIVE" or "INACTIVE"
clicksNumber of clicks on the short link since creation888
countCounts the total number of links matching search filters (except limit and offset) 8
## Create Url ```jsx POST /v1/urls ``` **Request body:** | Property | Type | Required? | | -------- | ------ | ------------- | | longUrl | string | Yes, required | | shortUrl | string | No, optional | * `longUrl` has to start with https\:// * If no `shortUrl` is provided, then a random 8 character alphanumeric shortUrl name will be generated for the link. **Returns**: ```json { "shortUrl": "197abc", "longUrl": "https://link.com", "state": "ACTIVE", "clicks": 0, "createdAt": "2022-09-19T03:31:00.131Z", "updatedAt": "2022-09-19T03:31:00.131Z" } ``` ```json { "message": "Short link \\"asd\\" is already used.", "type": "ShortUrlError" } ``` ## Update Url ```jsx PATCH /v1/urls/{shortUrl} ``` Note: Indicate `shortUrl` name you wish to update in above PATCH request, ie. {shortUrl} **Request body:**
PropertyTypeRequired?
longUrlstringNo, optional
stateenum (”ACTIVE”, “INACTIVE”)No, optional
* `longUrl` has to start with https\:// **Returns**: ```jsx { "shortUrl": "197abc", "longUrl": "https://link.com", "state": "ACTIVE", "clicks": 0, "createdAt": "2022-09-19T03:31:00.131Z", "updatedAt": "2022-09-19T03:31:00.131Z" } ```