Help

Five steps to get started using our APIs

Here’s how to get started

This Developer Portal offers access to a range of APIs that are available across the Victorian Government.  

The following steps will get you started:

1. Register for access
2. Sign in and view the APIs
3. Request access to APIs
4. Create an authentication key
5. Make some API calls.

1. Register

Fill in the user registration form.

Your registration request will go to the approver's team for review.

You’ll be notified via email when your request is approved.

If you have any questions, email This email address is being protected from spambots. You need JavaScript enabled to view it. for support.

 

2. Sign in

Once your access has been approved, sign in to the developer portal.

Community APIs

By default your user account is part of an organisation called Community. This gives you access to a range of APIs published by government agencies for open use.

Check the API Catalogue page for a list of available APIs. The list is constantly growing, so check back frequently.

 

Private APIs

Some organisations don’t publish their APIs to the Community organisation.  This may be because they are for internal use only or may contain sensitive content.

If you need to access APIs in an organisation you don’t have access to, request it directly from the organisation administrator. Alternatively, email This email address is being protected from spambots. You need JavaScript enabled to view it. for support.

 

3. Request Access to APIs

When you’ve found an API you want to use, you need to create an API access request.

Approved access to an API will provide you with the following information about the API:

  • API name and description
  • owner details
  • authentication method (via API key or OAuth)
  • rate limits
  • monitoring and API call logging.

To create an API access request:

  • Register an account on the Developer Portal.
  • Log into your Developer Portal account and select "My API Requests" from the dropdown at the top right of the page.
  • Click "Create API Access Request".
  • Use the check boxes to select the APIs you want to request access to. Click Submit Request.

Your request may require approval from the API Owner, although in most cases API access requests are automatically approved on submission.

You will receive email confirmation when your access is approved.

 4. Create authentication key(s)

Once your access is approved, you need to generate an authentication key to access each API.

The API catalogue shows the type of authentication required. It also provides code generators to help you get started.

In general there are two supported types of authentication:

  • OAuth 2.0
  • API Key
  • Basic Auth (API Key + Secret)

 

OAuth 2.0

OAuth 2.0 is our preferred authentication method. This allows users to generate a temporary token that provides access to specific API functions for a short period of time.

OAuth 2.0 allows:

  • developers to easily generate and use tokens
  • API owners to prevent unnecessary access
  • Visit the OAuth 2.0 website for more information about OAuth 2.

 

API Key

Some APIs are authorised simply by including an API key in the header or URL of the request.

During the early stages of API development some organisations can publish APIs with only API key authentication.



Basic Authentication (API Key + Secret)

Some APIs will require the use of a Secret Key as well as the API key for authentication.  The secret key is generated at the same time as the API Key and is available in the Developer Portal.

The API Key and Secret Key are then combined and encoded using a Base64 algorithm to authenticate the request.

For example:

Key: fca66b3c-e19d-4cca-952a-23d2e4d96a8f
Secret: 0b9e0ed1-5981-4aa6-8fca-58bc5783e368

Combined (with a colon): fca66b3c-e19d-4cca-952a-23d2e4d96a8f:0b9e0ed1-5981-4aa6-8fca-58bc5783e368

Encoded in Base64: ZmNhNjZiM2MtZTE5ZC00Y2NhLTk1MmEtMjNkMmU0ZDk2YThmOjBiOWUwZWQxLTU5ODEtNGFhNi04ZmNhLTU4YmM1NzgzZTM2OA==

This can then be used in the Authentication header of the request.

 

5. Make some API calls

Once you’ve created your authentication key you can now test calls to the API.

You can do this either in the tools provided in our API Catalogue, or by using an external API development tool, such as Postman.

The goal is to get familiar with the API to understand:

  • the methods you can access
  • the parameters you’re required to send
  • the fields that will be sent back in the response.

You can then download the Swagger 2.0 definition for each API or write your own custom code to access the API using your own API access request.

 

 


Need help?

If you need assistance This email address is being protected from spambots. You need JavaScript enabled to view it..