The Fintel API uses share-secret authentication. In shared-secret authentication, both the client and the server know a secret, and the client passes this secret to the server when making requests. The server checks the secret against what it is expecting, and if correct, properly authenticates the request.
Here are the steps required to generate your secret:
One you have your key, you must supply it to the server in each request. To do this, add it to the header as the X-API-KEY property.
In order to prevent performance problems in our systems, there are two types of rate limits placed on the system. This section describes each of them:
At the request level, we limit the number of requests that can be made within a certain number of seconds.
Additionally, there is a daily limit on the amount of data that can be downloaded in a given 24 hour period. We measure the amount of data using a rough weighting factor that is loosely correlated to the number of records downloaded. For example, a request to the ownership endpoint to retrieve the full ownership data of a security will have a weight that corresponds to the number of owners returned. If the call returns 100 owners, the weight will be 100. If the daily rate limit is exceeded, the API will return HTTP code 402 ("Payment Required"). The current default MAX_WEIGHT is 500,000.