Access Control#

To access the Dlubal API, you need both authentication and authorization. Authentication is handled using an API Key, which is automatically included in all requests for validation. Authorization requires a valid license with an active API Service subscription.

Important

Be aware that usage of certain API methods involves additional costs (see Pricing & Credits). Manage your API keys responsibly to avoid unexpected charges or unauthorized usage.

API Key Management#

API keys are unique identifiers used to authenticate the client making a request. While they are linked to your User Account, their usage can extend further. Think of an API key as a project-specific identifier that allows you to share it within your company and track expenses separately for each project.

You can manage your API keys in Extranet > API & Cloud.

Authorization process flow diagram

Warning

When you generate a new API key, make sure to copy and securely store it immediately. For security reasons, the key will not be accessible or shown again after creation.

Authentication Process#

The authentication process for API requests follows these steps:

  1. Input the API key in the client initialization

    from dlubal.api.rfem.application import Application

# Option 1: Specify api_key_value directly
with Application(api_key_value="ak-e72f5da...") as RFEM:
  # Do a stuff

# Option 2: Specify api_key_name from config.ini
with Application(api_key_name="project_2") as RFEM:
  # Do a stuff

    Important

    Using an api_key_name from dlubal/api/config.ini is the preferred method for managing API keys, as it helps keep key values secure when sharing scripts.

    Example config.ini content:

    [api_keys]
project_1 = ak-e72f5da141ba4cce8b736c05ae444f5791aa8b17a372f24c
project_2 = ak-e72f5da141ba4cce198913bb39924c4ca8d78f75623b014a

  2. The server validates the API key against your company profile.

  3. If the key is valid, the request proceeds; otherwise, an error response is returned:

    grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
    status = StatusCode.UNAUTHENTICATED
    details = "The API key is either missing or invalid. Access to the API is denied."

Authorization Process#

If there is not appropriate license with API Service subscription, an error response is returned:

grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
    status = StatusCode.UNAUTHENTICATED
    details = "Connected client does not have API service subscription."