Factset API Keys Authentication: Version 1.0
Developer's Manual and Reference
FactSet Research Systems Inc. provides access to Analytics and content through RESTful APIs. To ensure the integrity and confidentiality of this data, FactSet leverages API Keys using Basic HTTP Authentication Scheme described in RFC 7617.
The workflow of API key authentication is as follows:
- Register with FactSet to obtain FactSet Username and Serial.
- Generate the API key using the Developer Portal.
- Construct the HTTP Authorization header as per the Basic HTTP Authentication Scheme with username-serial as username and API key as the password.
- Authorization: Basic dXNlcm5hbWUtc2VyaWFsOlhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWA==
- Encode this value using Base64 encoding into a sequence of US-ASCII characters
- The Authorization header needs to be included with all API requests
Obtaining an API Key
Log in to the Developer Portal using FactSet credentials.
In the pop-up window, provide a brief description stating the purpose of this key. Please note, this description also acts as way to identify and distinguish between existing keys. The next step is to provide the IP address range of the devices that will be used for accessing APIs with this key. Click "Create" to generate the key.
Issuing a request with an API Key
The specifics of an API request differ by the FactSet API being used, but the authentication remains the same. A valid Authorization header must be provided using Basic HTTP Authentication Scheme. This scheme requires a username and password. The FactSet credentials (username and serial separated by a single hyphen “-“ character) forms the username and the API key is the password. This username and password concatenated by a single colon “:“ character must be Base64 encoded and included with the Authorization header for all API requests.
Below is an example of GET request to the FactSet API using “username-serial:XXXXXXXXXXXXXXXXXXXXXXXXXXX” as the credentials.
$ echo "username-serial:XXXXXXXXXXXXXXXXXXXXXXXXXXX" | base64
$ curl -X GET "https://api.factset.com/analytics/pa/v1/currencies"
-H "Accept: application/json"
-H "Authorization: Basic dXNlcm5hbWUtc2VyaWFsOlhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWAo="
If the credentials are not valid, then the server will respond with a 401 HTTP status code (Unauthorized).