Using an API Key

Last updated:

Prisma Campaigns provides a secure way to pull customer information from your database using API keys. This feature is specifically designed for retrieving customer data and requires proper authentication for each request.

Authentication

Each request to retrieve customer information needs a Bearer token authentication. The API key must be generated specifically for your financial institution and included in the Authorization header of your request.

To create an API key, follow these steps:

  1. Navigate to the Settings/API Keys menu in Prisma Campaigns.
  2. Click on the New API Key button.
  3. Enable Permits access to the Customers module.
  4. Save the API key and copy it to your clipboard.

Create an API key

Retrieving Customer Information

To retrieve customer information, you will need to make a GET request to the customer lookup endpoint. The URL structure includes your instance’s subdomain and the customer identifier you want to look up.

Header Parameter Value Format
Authorization Bearer YOUR-API-KEY
Accept application/json
URL Method
https://YOUR-SUBDOMAIN.prismacampaigns.com/api/customers/find/CUSTOMER-ID GET

Example Request

Here’s an example using curl to retrieve customer information:

curl -H "Authorization: Bearer b63acbfa-0070-480e-a608-4cc9d5bdd8e4" \
     -H "Accept: application/json" \
     https://bankofholland.prismacampaigns.com/api/customers/find/bFNsbkhoY3ZKRmdvNVAzVm1LNlJjd90z

where b63acbfa-0070-480e-a608-4cc9d5bdd8e4 is the API key and bFNsbkhoY3ZKRmdvNVAzVm1LNlJjd90z is the identifier for the customer in question.

Response Format

The response will be returned in JSON format, containing the customer information available in your instance. For example:

{
  "tags":[17592213056255],
  "name":"John",
  "updated-by":[{"id":17592213056257}],
  "last-update":1678869745683,
  "mobile-registrations":null,
  "id":"bFNsbkhoY3ZKRmdvNVAzVm1LNlJjd90z",
  "last_name":"Doe",
  "Email_address":"johndoe@bofh.com",
  "full_name":"John Doe"
}

Security Considerations

  1. Keep your API key secure and never expose it in client-side code.
  2. Each API key is specific to a financial institution.
  3. Regularly rotate your API keys as part of your security best practices.