Skip to main content

Welcome to the Worldly Public API!

Worldly provides a customizable API for customers to use with their own internal systems. This API requires significant technical resources from an IT team or third-parties such as system integrators or consultants to build. For more information on accessing Worldly API Connectors, fill out this form and a member of our team will be in touch.

How to authenticate

  • Select Account in the top-right dropdown and select Integrations on the nav bar
  • Select Your Developer Integration. Create both Developer Public Keys and API Keys
  • Scroll to Your Active Integrations and create API Keys
Integrations view Integrations view — API keys

Encrypting your API Key

Please be sure you have the latest version of OpenSSL installed on your machine
  • Copy an API Key created on your Developer Integration and paste it into an x-api-key header param when making a public API request
  • Copy a Public Key on your Developer Integration and paste it into a public.pem file
  • Copy an API Key created on your Active Integrations and paste it into a secret.txt file. Append a recent timestamp to the Key such as &2023-02-14T10:11:12
You will need to regenerate and reinsert a new ISO-formatted timestamp with your API Key every 12 hours in order to get a 200 response.
  • Run the command on the same directory of the secret.txt file created:
openssl pkeyutl -encrypt -pubin -inkey public.pem -in secret.txt | base64
  • Copy the result of the previous command and paste it into a x-developer-request-token header param when making a public API request
  • Make a request to the new version of the public API and check the results. Example:
curl --location --request POST 'https://api-v2.production.higg.org/api/v1/modulecsv/fem' \
--header 'Content-Type: application/json' \
--header 'x-api-key: <developer-account-api-key>' \
--header 'x-developer-request-token: <encrypted-integration-account-api-key-plus-timestamp>' \
--data-raw '{
"from": 0,
"size": 10
}'
For a complete list of base URLs for each API and environment (including demo), see Base URLs & Environments.

Tips for authentication workflow

  • Add the secret.txt file for each unique token in its own, separate directory folder. Open the Terminal from that folder when running the base64 encryption to ensure the correct secret.txt token is being used
  • Add the base64 Terminal command as a local shortcut to easily paste for re-encryption every 12 hours
Switch to v0.1 (Legacy) using the version selector at the top of this page for the legacy JWT-based authentication guide.