Moz API V1 Authentication

Frequently Asked Questions

  • Yes, the Links V1 endpoints are still accessible.
  • No, the same credentials are used for both versions of the Links API
Have you heard? We've launched a brand new set of Moz API endpoints, including Keyword Suggestions, Search intent, Brand AuthorityTM, and more! To learn more and get started, check out the all-new documentation here.
Please note: Beginning August 8, 2024, Moz API will no longer support plain HTTP access. To avoid service disruption, please update any existing HTTP client configurations to HTTPS.

This documents the process for setting up signed authentication. We also support Basic Authentication for Moz Link v2 endpoints.

V1 Signed Authentication

Please note: Beginning August 8, 2024, Moz API will no longer support plain HTTP access. To avoid service disruption, please update any existing HTTP client configurations to HTTPS.

Parameters

Signed authentication requires three query string parameters in every call:

  • AccessID: obtained when you generate your API credentials.
  • Expires: a Unix timestamp (in seconds) indicating how long the request is valid.

    Expires should be a time no more than a few minutes ahead. Setting an expiration date too far in the future may pose a security vulnerability, while values set to expire within a few seconds may time out before the call reaches the Moz Links API server. An acceptable default is 300 seconds (5 minutes) in the future.

  • Signature: an HMAC-SHA1 hash of your Access ID, the Expires parameter, and your Secret Key. The secure hash must be base64 encoded then URL-encoded before Links API accepts the signature as valid.

The first step of the Signature hash requires a line break between AccessID and Expires. This PHP code sample provides an example of how to hash and encode your Signature.

Example of a valid signed authentication string

          
<p>AccessID=member-cf180f7081&amp;Expires=1225138899&amp;Signature=LmXYcPqc%2BkapNKzHzYz2BI4SXfC%3D</p>
        

Woo! 🎉
Thanks for the feedback.

Got it.
Thanks for the feedback.