Authentication is the mechanism of associating an incoming request with an API key, The PCMiler REST service requires an API key to access the service.  

An API Key is a piece of code assigned to a specific user or account that is used whenever that entity makes a call to an API. This Key is a long string of generated characters.

An API Key has these properties:

  • A token, in the form of a relatively long random string (e.g. 32 characters)

  • An identifier, for storage and unique identification

  • Transmitted with the request 

  • Known to the client

  • Can be validated by the server

  • Unique to a device or software

  • Bound to a user or account

A client device will store the token. In a way this is like a password, but there is no need for restricting this to human memory capabilities. The token is transmitted with every request so the request can always be authenticated.

The API key is used either in the URL or in the HTTP request header to validate a user’s request.  If the client making the API request has an invalid API key, then the key will fail to authenticate.  The API key is most important to the request.  You need this to generate a successful login and send it with the request. If the user is successfully logged in, a valid response will be returned from the server.   We support http and https, but recommend sending your request over  https.  If you’re not using SSL, than your authentication protocol will never be secure. 


A typical REST action consists of sending an HTTP request to the PCMiler API Server and waiting for the response. Like any HTTP request, a REST request to PCMiler API Server contains a request method, a URI, request headers, and a query string or request body. The response contains an HTTP status code, response headers, and a response body.

The REST API is used to expose the Web-Services of our PCMiler application by using simple HTTP requests, which includes the following:

  • POST method for creating a new Object on server,

  • GET method for getting single/list of Objects from server,

  • PUT method to update an Object on server, &

  • DELETE method for deleting an Object from server.

Request Properties



The Host header defines PCMiler REST API server (where to connect). 


Example: Host:



API Key will be used to fully determine privileges and visibility for the request within PCMiler platform.

(Request Header)

 Authorization: ed5620c5013d782fe2eeaf9fd03b7fc0a42fafb06f0608b58d5


(in URL)  

&authToken= ed5620c5013d782fe2eeaf9fd03b7fc0a42fafb06f0608b58d5


Defines expected request MIME type

application/json: PCMiler will render the response in JSON format following the current REST API specifications

Sample Requests:


URL based authentication:,37.8928&authToken=YourAPIKeyHere

Java Header Based GET Authentication

Query = "coords=-85.9747,37.8928";
String nospac = Query.replace(" ", "%20");
address = "";
urlFormatted = address + nospac;
url = new URL(urlFormatted);
connection = (HttpURLConnection) url.openConnection();
 connection.setRequestProperty("Authorization", apiKeyVal);
connection.setReadTimeout(15 * 1000);
builder = new StringBuilder();
String type = connection.getContentType();
if (type == null) {

C# Header Based Get Authentication

      string resource = "locations";
            string queryString = "?coords=-85.9747,37.8928";
            Uri requestUri = new Uri(baseURL + resource + queryString);
          HttpWebRequest req = WebRequest.Create(requestUri) as HttpWebRequest;

              req.Headers["Authorization"] = apiKey.Text;
             req.ContentType = "application/json";

                using (HttpWebResponse response = (HttpWebResponse)req.GetResponse())
                         using (StreamReader sr = new StreamReader(response.GetResponseStream()))
                        txtResponse.Text = sr.ReadToEnd();

Javascript Header Based GET Authentication

  <script type="text/javascript">
      reqhttp = new XMLHttpRequest();
      var url = "";
      var resource = "locations"
      var queryString = "?coords=-85.9747,37.8928";
      url = (url + resource + queryString);"GET", url, true);
      reqhttp.onreadystatechange = ProcessRequest;
      function ProcessRequest() {
          if (reqhttp.readyState == 4 &amp;&amp; reqhttp.status == 200) {
              TextArea1.value = "Request: " + url + "\n\n";
              TextArea1.value = TextArea1.value + "Response: " + reqhttp.responseText;
             reqhttp.setRequestHeader("Content-type", "application/json");
          reqhttp.setRequestHeader("Authorization", apiKeyVal);
          reqhttp.responseType = "application/json";
      <style type="text/css">
              width: 693px;
              height: 167px;
    <textarea id="TextArea1" name="S1"></textarea></div>


JAVA POST snippet: 

address = ("");
 url = new URL(address);
  HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Content-Type", "application/json");
apiKeyVal = apiKey.getText();
conn.setRequestProperty("Authorization", apiKeyVal);            
queryStr.setText("{ MyPostQuery }");
String input = queryStr.getText();
OutputStream os = conn.getOutputStream();
if (conn.getResponseCode() != 200)
if (conn.getResponseCode() != HttpURLConnection.HTTP_CREATED) {    
throw new RuntimeException("Failed : HTTP error code : "
+ conn.getResponseCode());
   String type = conn.getContentType();
            if (type == null) {

C# POST Snippet

 var request = (HttpWebRequest)WebRequest.Create("");       
var postData = "{ MyPostQuery }";
var data =  Encoding.ASCII.GetBytes(postData);
request.Headers.Add("Authorization", apiKey.Text);
request.Method = "POST";
request.ContentType = "application/json";
request.ContentLength = data.Length;
using (var stream = request.GetRequestStream())
    stream.Write(data, 0, data.Length);

var response = (HttpWebResponse)request.GetResponse();
if (response.ContentType.StartsWith("image"))
    Image mapImage = Image.FromStream(response.GetResponseStream());
    pictureMap.Size = mapImage.Size;
    mapImage1 = mapImage;
    pictureMap.Visible = true;
    pictureMap.Image = mapImage;
    txtResponse.Visible = false;    

JavaScript POST Snippet

      reqhttp = new XMLHttpRequest();
      var url = "";"POST", url, true);
      reqhttp.setRequestHeader("Content-type", "application/json");
      reqhttp.setRequestHeader("Authorization", apikey);
      reqhttp.responseType = "arraybuffer";

      reqhttp.onreadystatechange = function () { //Call a function when the state changes.
          if (reqhttp.readyState == 4 &amp;amp;&amp;amp; reqhttp.status == 200) {

              var res = reqhttp.response;
              if (res) {

                  var uInt8Array = new Uint8Array(res);
                  var i = uInt8Array.length;
                  var binaryString = new Array(i);
                  while (i--) {
                      binaryString[i] = String.fromCharCode(uInt8Array[i]);
                  var data = binaryString.join('');

                  var base64 = window.btoa(data);

                  document.getElementById("myImage").src = "data:image/png;base64," + base64;

      var parameters = "{ MyPostQuery}";

      function doFunction() {


    <img id="myImage">

This sample may use features that are only available in our Premium WebServices. Please refer to our Features page to confirm what feature level you currently subscribe to.