# Securing your account

https://docs.urbandataanalytics.com/#section/Securing-Access

## Create a new Application/Consumer

In [7]:
import requests
import json
import uuid

from settings import env

url = f"{env.PROXY}/api/backoffice/v1/app/create"

id = str(uuid.uuid4())[:5]

payload = json.dumps({
  "name": f"Application {id}",
  "description": "My web app"
})

headers = {
  'Authorization': env.API_KEY,
}

response = requests.post( url, headers=headers, data=payload)

response.json()

{"message": "Verification token sent. Check your email.", "consumer_id": "ec8986cb-286c-4d54-aa25-37e7ef413f82", "verified": false}


## List Applications/Consumers

In [10]:
url = f"{env.PROXY}/api/backoffice/v1/app/list"

headers = {
  'Authorization': env.API_KEY
}

response = requests.get(url, headers=headers)

response.json()

[{'consumer_id': '0fd73c1d-ab5f-4893-ab31-6d60d9c8f57a',
  'name': 'Application A',
  'description': None,
  'created_at': '2024-03-13T18:19:53.284000',
  'is_verified': False,
  'is_revoked': False},
 {'consumer_id': '2629a8a6-184b-42c3-87c0-6b898fefc66e',
  'name': 'Test 1',
  'description': None,
  'created_at': '2024-04-11T14:04:19.243000',
  'is_verified': False,
  'is_revoked': False},
 {'consumer_id': 'fe5b2100-71ce-474e-b5b3-4cd519e85472',
  'name': 'Test 10',
  'description': None,
  'created_at': '2024-04-11T14:06:22.938000',
  'is_verified': False,
  'is_revoked': False},
 {'consumer_id': 'e045e314-74ef-4a9b-9eb4-51acfd6719b9',
  'name': 'Test 11',
  'description': None,
  'created_at': '2024-04-11T14:32:23.132000',
  'is_verified': False,
  'is_revoked': False},
 {'consumer_id': 'b7cbfb22-09b5-4090-bba5-5fb1329d349e',
  'name': 'Test 12',
  'description': None,
  'created_at': '2024-04-11T14:32:37.537000',
  'is_verified': False,
  'is_revoked': False},
 {'consumer_id': '40

## Rotate Consumer Secrets

In [36]:
consumer_id = "16ac746e-c157-469e-ac84-8d0caf1608e0"

url = f"{env.PROXY}/api/backoffice/v1/app/rotate-secret?consumer_id={consumer_id}"

headers = {
  'Authorization': env.API_KEY
}

response = requests.post(url, headers=headers)

response.json()

{'email': 'felipe.horta@udarealestate.com',
 'company': 'uDA',
 'name': 'Test 15',
 'consumer_id': '16ac746e-c157-469e-ac84-8d0caf1608e0',
 'description': None,
 'secret': '65e1eacc-6bb6-44c0-9748-7f66f1cf1370',
 'created_at': '2024-04-11T14:39:14.418000',
 'is_verified': True,
 'is_revoked': False}

## Revoke Consumer Application

In [26]:
consumer_id = "16ac746e-c157-469e-ac84-8d0caf1608e0"

url = f"{env.PROXY}/api/backoffice/v1/app/revoke?consumer_id={consumer_id}"

payload = {}

headers = {
  'Authorization': env.API_KEY,
}

response = requests.post(url, headers=headers)

response.json()

{'email': 'felipe.horta@udarealestate.com',
 'company': 'uDA',
 'name': 'Test 15',
 'consumer_id': '16ac746e-c157-469e-ac84-8d0caf1608e0',
 'description': None,
 'created_at': '2024-04-11T14:39:14.418000',
 'is_verified': True,
 'is_revoked': True}

## Activate Consumer Application

In [29]:
consumer_id = "16ac746e-c157-469e-ac84-8d0caf1608e0"

url = f"{env.PROXY}/api/backoffice/v1/app/activate?consumer_id={consumer_id}"

payload = {}

headers = {
  'Authorization': env.API_KEY,
}

response = requests.post(url, headers=headers)

response.json()

{'email': 'felipe.horta@udarealestate.com',
 'company': 'uDA',
 'name': 'Test 15',
 'consumer_id': '16ac746e-c157-469e-ac84-8d0caf1608e0',
 'description': None,
 'created_at': '2024-04-11T14:39:14.418000',
 'is_verified': True,
 'is_revoked': False}

In [30]:
env.API_KEY

'912cf1be-016f-4ffd-b41f-aaaf6f8033bf'

## Rotate your master API Key frequently

In [31]:
url = f"{env.PROXY}/api/backoffice/v1/users/rotate-key"

payload = {}

headers = {
  'Authorization': 'YOUR_API_KEY',
}

response = requests.post(url, headers=headers)

response.json()

{'name': '',
 'surname': '',
 'email': 'felipe.horta@udarealestate.com',
 'is_active': True,
 'company': 'uDA',
 'api_key': '612c226b-2300-4d9a-80d7-04319baf869e'}

## Obtaining an Access Token

In [38]:
url = f"{env.PROXY}/api/backoffice/v1/create-token"

consumer_id = "16ac746e-XXXX-ac84-8d0caf1608e0"
consumer_secret = "5b46d2c8XXXX-5cbc8a9629e5"

payload = {}
headers = {
  'x-consumer-id': consumer_id,
  'x-consumer-secret': consumer_secret,
}

response = requests.request("POST", url, headers=headers, data=payload)

response.json()

{'detail': 'User is not registered.'}