Machine Authentication - API Key

Use this method to authenticate your application directly to MLink if there is no ability to use MFA or you only require a single data feed.

Setting up an API Key

Request an API Key from SpiderRock support, this API Key will be associated with the requestor’s SpiderRock ID (username) and scoped to the correct permissions.

To authenticate with an API Key to MLink, use an API Key Token formatted as “APIKey”.

Example

https://mlink-live.nms.saturn.spiderrockconnect.com/rest/json?
apikey=1234-5678-9012-31415

Send an MLinkLogon to MLink servers:

msg = {
        "header" : {
                    "mTyp": "MLinkLogon"
                   },
        "message": {
                    "apiKey": "your-api-key"
                   }
      }

Include ApiKey as a header in the initial HTTP Handshake request:

async with websockets.connect(
      uriJson, extra_headers={"Authorization": f"Bearer {apikey}"},
      ping_timeout=None) as websocket:

Human Authentication

  • User Name, Password and an MFA key
  • Session Key

Use this method to authenticate your application by allowing humans to log in with their SpiderRock credentials + MFA and access their specific accounts.

You will receive an invite, which will redirect you to our web applications where you can choose your Password and MFA (MLink auth allows for two kinds of MFA: SMS and TOTP).

Obtaining a valid Session Key

Use the SpiderRock Connect ID screens, where the user will be challenged for their SpiderRock ID, password, and an MFA code. After a successful authentication, a Session will be issued to the front end as well as the SpiderRock backend to authenticate the session. This session key can be used with no additional information to gain access to MLink with the permissions assigned to your user until the session key expires.