Docs

Optic Systems API Authentication

How to authenticate Optic Systems API requests: one Bearer API key plus a connectionId. MindCloud stores your API key securely — set it once, never resend it.

Every Optic Systems API request through MindCloud needs two things: a MindCloud API Key and a connectionId for your Optic Systems account. This page covers both, plus exactly how to send them, so you do not need to visit any other page to get authenticated.

Steps to authenticate

  1. Create a MindCloud account at app.mindcloud.co if you do not already have one.
  2. Generate a MindCloud API Key in API Keys. This is the Bearer token you send on every request. Keep it on your server.
  3. Create a Optic Systems connection in Connections. Optic Systems uses an API key. You generate the key in your Optic Systems account, then paste it in when you create the connection — MindCloud stores it securely and never returns it in a response.
  4. Copy the connection’s connectionId — you will send it on every request alongside your MindCloud API Key.

How requests are authenticated

Authentication has two layers. Your MindCloud API Key authenticates the request to MindCloud, sent as a Bearer token in the Authorization header. The connectionId selects the connected Optic Systems account that should run the action. MindCloud stores and refreshes the Optic Systems credentials behind that connection, so you never send provider tokens with your requests.

Pass connectionId in the query string for GET and DELETE actions, and in the JSON body for POST, PUT, and PATCH actions.

For example, calling Get a Single Opportunity with an Optic Systems connection looks like this:

curl --request GET \
  --url "https://connect.mindcloud.co/v1/universal/opticSystems/latest/actions/get-a-single-opportunity" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --get \
  --data-urlencode "connectionId=$CONNECTION_ID"

The Authorization: Bearer <your MindCloud API Key> header authenticates you to MindCloud; the connectionId tells MindCloud which Optic Systems account to run the action against. Missing or invalid Authorization returns 401, and a missing or mismatched connectionId returns 400.

Keep your key safe

Keep your MindCloud API Key on your server; do not ship it in browser code, mobile apps, public repositories, or logs. Anyone with the key can call the Universal API as your MindCloud account, across every connection you have created.