API-Key Authentication

Note

This page describes API Key Authentication. Please also see User Authentication

Managing API Keys

API Key Authentication allows accessing the Emby Server API by using a static token. Authentication via API key is the right choice for integration scenarios with other applications, servers or services that are not tied to a certain user's context. To grant access to an external service or server application you will need to create an API Key first.

Warning

It is highly recommended to create separate API keys for each systemn you are granting access to your server. This will allow you to revoke a single access permissions without affecting the others.

Creating an API Key

To create an API key please follow these steps:

• You need to have access to a running installation of Emby Server as an administrator
• Open the Server Dashboard
  This is the web UI where you have performed all configuration of Emby Server
• On the main dashboard page scroll down to the bottom of menu pane on the left
• Under Expert click Advanced
• On the top bar click Security
• Click Add and in the following dialog, enter a name for the API key for easy identification

Authenticating via API Key

The API key must be included in every request made that requires authentication. There are two different ways for specifying the API in an http request

Http Request Header

Send the API key string in an http request heaser named X-Emby-Token.

Query Parameter

An even easier method is to transmit the API key as a query string parameter name api_key. Example:

http://localhost:8096/emby/System/Info?api_key=123456789987654321