!!!OKIT Accounting API Key Documentation
!!Version 1.0

OKIT Accounting provides a feature that allows third-party applications to use OKIT ecosystem services (e.g. Sms server) via an API token. This document explains how to set up an API key and use it in a third party application.
The following image shows the schematic workflow of “OKIT Operator” which is responsible for handling token requests. Everything is based on HTTP GET requests.

[{Image src='okit_operator_api_key.png' align='center' }]

The steps are as follows:
#Create a token for an application in OKIT Accounting
**Go to booked application tab
**Select an application and press “API Token” button
**Create a new token by inserting “Remote Application”. This is just name which maybe used internally for the user
#Pass the 'generated token', 'client prefix', and 'application prefix' to the third party application. You can find the client prefix and application prefix in the OKIT Accounting UI.
#Now third party application can make a GET request to OKIT Operator with the above information as:
**GET  http://localhost:8080/OKIT.Operator.Api/api/tokenvalidator?token=A&applicaiontPrefix=B&clientPrefix=C'
#The result of the endpoint would be:

{{{ 
{
“valid”:true,
“message”:”Token is valid”
}
}}}

or
{{{
{
    “valid”:false,
    “message”:”Token is not valid”
}
}}}

!Example

Imagine OKIT has an SMS API App that can send an SMS and we want to grant access to client BlaBla to be able to send SMS via API tokens. 
* The first step is registering this SMS API APP in OKIT Accounting by defining an application. Now this service can be offered to any client. 
* The next step is creating an API token for client BlaBla and for the application “SMS API APP”.
* Now the token and client prefix (BlaBla should know this) can be passed to the client BlaBla. There is no need to send the application prefix to the client, as we should set it internally into SMS APl APP.
* Now that cline BlaBla has all the information, it can connect and send a request to SMS API. SMS API internally will check the validity of a token and either accepts or rejects the request.

[{Image src='api_key_example.png' align='center' }]