How to authenticate with our services


Base URL Note

Please note that the base URL for all API calls described in this Authentication section is: https://auth.altitudeangel.com/. Requests sent over HTTP will be rejected (you must use HTTPS).


We provide you with several mechanisms to authenticate with our APIs. The majority of our API endpoints require you to use OAuth 2.0 Bearer Tokens to authenticate your request (either as a client or as a user), however for convenience, some API endpoints will accept basic API Key authentication.


For customers with per-user licensing

Regardless of whether the API method requires it, your Client credentials will require an authenticated user context in order to function. You can either follow the normal OAuth processes described herein, implement your own STS and ask us to trust it, or you can follow our Simple User Provisioning and Authentication procedure.

This section covers everything you need to know to authenticate using any of the available methods.

What type of authentication do I need to do?

The documentation for each API will tell you what authentication/authorization mechanisms it supports and/or requires. As a general rule-of-thumb, if the operation is designed to be carried-out against a user identity, then we will not support API Key authorization on that endpoint.

You can consult the documentation for the relevant API call to establish what type of authentication you must carry out.

Where do I get my credentials?

Before you can utilise any type of authorization, you must sign-up to our Developer Portal and create an application. Within the application, you can then generate the necessary API Key or Client ID and Client Secrets necessary.

It is also possible to use Altitude Angel as a Single Sign On (SSO) provider (please see separate documentation).

Using Altitude Angel as an Identity Provider

It is possible to use Altitude Angel as your application's Identity Provider, provided that your Client credentials have been granted access to do so. This will enable your application (via OAuth 2) to present a themed login and account creation screen, powered by Altitude Angel, so that you don't have to invest time in maintaining and building expensive security infrastructure.

Get started by reading the Altitude Angel Identity Provider docs.


Scopes are used to limit what a given account can do. Altitude Angel APIs support a wide variety of scopes but not all scopes are supported by all authentication mechanisms. The table below shows the details for the currently supported scopes.

ScopeDescriptionAPI Key
query_mapdataQuery the map endpoints for ground data.Y
query_mapairdataQuery the map endpoints for airspace data.Y
talk_towerQuery the area report and weather endpoints.Y
strategic_crsUse of the Strategic Conflict Resolution Service.Y

What’s Next

Now you can authenticate, a great place to start is by making your first call to our Map Data service.