How to use Meteo Rest Services

Get valid public and private keys

In order to access to meteorological data from Euskalmet API you need valid public and private API keys. To obtain the valid public and private keys you can log in and request, manage and renew them at this application.

Generate a valid JWT from the private key

JSON Web Token (JWT) is an open standard (RFC-7519) based on JSON consisting of a token that is used to send data between applications or services and ensure that it is valid and secure.

It has three parts:

  • Header
  • Payload
  • Signature

Valid Meteo API JWT example (more information):

eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJtZXQwMS5hcGlrZXkiLCJpc3MiOiJzYW1wbGVBcHAiLCJleHAiOjE2MTg2Nz M0NzgsInZlcnNpb24iOiIxLjAuMCIsImlhdCI6MTYxNjA4MTQ3OCwiZW1haWwiOiJpa2VyLm9sYWJhcnJpYUBnbWFpbC5jb20 ifQ.Dq62lcuVNwCYscXxUCEDNvQ8WHJlSmtr5RvefvfnKrUGtb3uRZZiB4YozL6YF-MNL0ehJVMnSoUVTBa19arrwjzP-_quTa 0xX6iIP6aMlHlFtoFNmeaumUkh9pM3ZaNI_rsFju_F0GZkpORliJIbJd6LaJkvyrWgxx8KLWfoa99h8vEoXKJcJxLrTO4dcarhU1f lvqM7HP7rFehPScid_BTYPH_zRkVT_anWSPc7L4HWYLgfz-x0lr6jcryyjDtPJ2DXuYTIGXeN449fwZuVogNeHxqnM-7OQkIL0 viaipLQOpUi3euoSn46uXRt2KI5zqhT5Z9rs2YCCo7eZNhmlA

The JWT (JSON Web Token) of the Meteo API has the following structure:

Header

Claim Name Description Value
alg algorithm [fixed value] RS256

Payload

Claim Name Description Value
aud audience [fixed value] met01.apikey
iss Issuer (emisor) description issuer description, ex. company name
exp Timestamp expiration Ex. 1616081478
version Api key version [fixed value] 1.0.0
iat Emission timestamp Ex. 1618673478
email Api key owner email Ex. name@company.com
loginId Api key owner identifier Fingerprint of the public key (provided alongside the public key or can be calculated by applying a Keccac256 hash to the key)

(*) Important: To identify the owner of the api key, either the claim email (mail associated with the owner of the public key) or the claim loginId is used. Just indicating one of the two is enough.

Signature

Sign with the private key according to the RS256 algorithm,

Pseudo-code:

data = base64urlEncode (header) + "." + base64urlEncode (payload)
signature = Hash (data, privateKey)

Important: It is recommended to use one of the libraries specified in http://jwt.io for different programming languages.

Once the JWT is generated you can check it at http://jwt.io/

Send the JWT for each http request

Send in the Authorization header the value: Bearer[space][JWTvalue]

Example [ RFC6750]:

GET /resource HTTP/1.1
Host: api.euskadi.eus
Authorization: Bearer eyJhbGciOiJIUzI1NiIXVCJ9TJV...r7E20RMHrHDcEfxjoYZgeFONFh7HgQ

It must be taken into account that in the documentation the requests are made against a test server (https://api.sandbox.euskadi.eus). To make real requests, you must use the production server (https://api.euskadi.eus).

Technical support

For any technical question or incident you can contact us through opendata@euskadi.eus