Overview

Newired provides API key–based token authorisation to enable secure access to selected REST endpoints.

This mechanism was originally introduced to allow customers to retrieve Analytics insight data programmatically. It is now a general authorisation method that can be used for multiple supported endpoints.

API keys allow external systems (e.g., BI tools, automation scripts, backend services) to securely access specific Newired REST APIs without using interactive user authentication.

Authentication

All supported endpoints require API key token authorisation.

The API key must be included in every request using the following HTTP header:

nw-auth: <YOUR_FULL_API_TOKEN>

GET /rest/report/journeys/usage
Host: newired-backend.com
nw-auth: nw-api-xxxxxxxxxxxxxxxxxxxx

Where to Manage API Keys

API key management is available in the Newired Portal:

Administration → API

Within this section, users can:

• Generate new API keys

• View existing keys

• Monitor usage

• Delete keys

Generating a New API Key

1. Navigate to Administration → API

2. Click “Generate new API Key”

3. The full token will be displayed only once

Important

• The full token is shown only at the time of creation.

• It is the user’s responsibility to securely store and manage the token.

• If the token is lost, a new key must be generated.

Token Structure & Visibility

• The full API token is shown only once during generation.

• After creation, the UI displays:

  • A secret key reference, consisting of:

    • A hardcoded prefix: nw-api-

    • The last 4 characters of the token

This allows identification of the key without exposing the full token.

API Key Overview Table

The API management table provides:

• Author (creator of the key)

• Creation date

• Last usage date

• Option to delete the key

Deleting a key immediately revokes access for any system using that token.

Supported Endpoints

Analytics Reporting Endpoints

The following endpoints are currently enabled for customer use and provide access to Analytics reporting data:

• /rest/report/journeys/duration

• /rest/report/journeys/trend

• /rest/report/journeys/usage

• /rest/report/journeys/usersEngagement

• /rest/report/journeys/summaryEngagement

These endpoints were the first Analytics APIs made available for external customer usage and represent the primary reporting capabilities currently supported via API key authorisation.

They are typically used by customers who:

• Require advanced or customised reporting

• Use external BI tools (e.g., Power BI)

• Integrate Analytics data into internal dashboards

• Automate reporting workflows

This allows organisations to build their own insights and visualisations beyond what is available directly in the Newired Portal Analytics section.

Extensibility

The set of Analytics reporting endpoints is configurable and may be extended over time.

Additional Analytics endpoints may become available based on customer needs and use cases. If you require access to specific Analytics data that is not currently exposed, please contact Newired Support to discuss available options.

Analytics Maintenance & Diagnostics Endpoints

The following endpoints are related to Analytics maintenance and diagnostics:

• /rest/app/diag/jobs/analytics/uaa-aggregation

• /rest/app/diag/jobs/analytics/cleanup

These endpoints are intended for technical and operational use cases related to Analytics processing and data maintenance.

Typical Use Case

A common scenario includes:

1. Generating an API key in the Newired Portal.

2. Storing the token securely in an external system.

3. Using the token to authenticate REST API requests.

4. Retrieving Analytics data.

5. Visualising or processing the data in external tools such as:

   • Power BI

   • Internal reporting platforms

   • Data warehouses

   • Custom dashboards

Security Best Practices

• Store API tokens securely (e.g., secret manager, encrypted vault).

• Do not expose tokens in client-side code.

• Rotate keys periodically.

• Delete unused keys.

• Regenerate a key immediately if compromised.