# API Usage Requirements

This article lists requirements for using the NATS API.

## Restrict Access by IP

{% hint style="success" icon="hand-holding-star" %}
**Recommendation:** We recommend that you grant access only to the IP addresses of those who will be actively using the NATS API.
{% endhint %}

To use the NATS API, you will need to provide a list of IP addresses that will be granted access to the NATS API.

In the **Security** section of the **Configuration Admin**, this list is stored as comma-separated IP addresses in the **Admin Allowed IPs** setting.
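
One way to check the list before saving it, as an added example that is not part of the NATS documentation or product: the script parses a comma-separated value and compares it with the hosts that actually call the API. It assumes each entry is a single IPv4 or IPv6 address, as described above, and reports anything else for manual review; `audit_allowed_ips`, the client inventory and the sample addresses are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation address ranges), not real NATS values.
SAMPLE_SETTING = "203.0.113.10, 203.0.113.11,203.0.113.10, 198.51.100.0/24, 192.0.2.300,"
SAMPLE_ACTIVE_CLIENTS = ["203.0.113.10", "203.0.113.25"]


def audit_allowed_ips(setting_value, active_clients):
    """Audit a comma-separated allowlist against the hosts that use the API.

    setting_value  -- the string as entered in the Admin Allowed IPs setting
    active_clients -- IP strings for hosts known to call the API
                      (hypothetical inventory kept outside NATS)
    """
    report = {"valid": [], "invalid": [], "duplicate": []}
    seen = set()
    for raw in setting_value.split(","):
        entry = raw.strip()
        if not entry:
            continue  # tolerate trailing commas and doubled separators
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            # Ranges, wildcards, hostnames and typos are not single addresses;
            # this page does not say they are accepted, so flag for review.
            report["invalid"].append(entry)
            continue
        if addr in seen:
            report["duplicate"].append(str(addr))
            continue
        seen.add(addr)
        report["valid"].append(str(addr))

    active = {ipaddress.ip_address(a) for a in active_clients}
    # Allowed but not in the inventory: candidates for removal.
    report["unused"] = sorted(str(a) for a in seen - active)
    # In the inventory but not allowed: these hosts will be refused.
    report["missing"] = sorted(str(a) for a in active - seen)
    return report


if __name__ == "__main__":
    for key, values in audit_allowed_ips(SAMPLE_SETTING, SAMPLE_ACTIVE_CLIENTS).items():
        print(f"{key:9} {values}")
```

Entries listed under `unused` are the ones the recommendation above asks you to remove.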

<figure><img src="/files/9uUH7FLM3WIFAfo4mn1E" alt=""><figcaption></figcaption></figure>

## Enable REST API

{% hint style="success" icon="hand-holding-star" %}
**Recommendation:** We recommend enabling only the API systems you plan to use.
{% endhint %}

In addition to allowing API access from specific IP addresses, you will need to enable the NATS API itself.

In the **Security** section of the **Configuration Admin**, enable the API by clicking the checkbox for the **Enable REST API** configuration setting and changing the setting to **Yes**.

<figure><img src="/files/Yaxbnfv7SaIXcIxIBqp7" alt=""><figcaption></figcaption></figure>

This configuration is disabled by default and is available to quickly turn off the NATS API for all users should the need arise.

## API Users per System or Server

{% hint style="success" icon="hand-holding-star" %}
**Recommendation:** We recommend creating separate API accounts for separate uses or servers. This ensures that access to the API systems is limited should one of those accounts be compromised.
{% endhint %}

An example of this type of setup would be creating an account for API use in your members area, and creating a separate account for API use on an external Adtool system. If you have members areas on separate servers, it would be best to create a separate account for each server as well.

<figure><img src="/files/CWbw5ks7Dmgpu9JAf8dg" alt=""><figcaption></figcaption></figure>

## API Permissions

{% hint style="success" icon="hand-holding-star" %}
**Recommendation:** The permissions system allows you to make available only those systems that an account needs to use. We encourage you to only make available the functions or resources that are necessary to the account itself.
{% endhint %}

For each account able to access the API system, we provide the ability to restrict the resources or functions available to it.

For example, if an account is to be used for membership authentication, set the account's API permissions to allow it access only to the member search function.

### REST API Permissions

By default, an account does not have access to any of the available REST API resources.

Click the **Details** button associated with the corresponding admin area to select which of the collection, method, and resource combinations you would like to enable for the account.

<figure><img src="/files/QNA8eCzLRT8KoDKpeVxS" alt=""><figcaption></figcaption></figure>

Save the configuration by clicking the **Save** button at the bottom of the modal.

<figure><img src="/files/AVVHzI00Ih0zPV137JSw" alt=""><figcaption></figcaption></figure>

## Related Articles

{% content-ref url="/pages/p70jG9U9Tax1jurbmVOW" %}
[API Overview](/api/api-overview.md)
{% endcontent-ref %}

{% content-ref url="/pages/heAInfAbg7o57vt6QzET" %}
[API Endpoints](/api/api-endpoints.md)
{% endcontent-ref %}


