Add Car Sales Data to your App Without Changing Your Backend (Or Even Having A Backend)

With the introduction of our SubUser API Keys it is now possible to use data from the CIS Automotive API in an application as simple as a single HTML document with no backend required. We wanted to make it easy to use our data in applications that don't follow the traditional client server architecture.

We put together a Dashboard Demo that showcases how to use some of our endpoints from a static HTML page with no backend.

Previously this type of application would have required some backend infrastructure to query our API, manage sessions, and manage/ cache requests. With the SubUser API Keys this burden is offloaded from your backend onto our infrastructure which simplifies application development and improves time to market.

General Workflow

  • Create an account and pick a subscription plan.
  • Create some SubUser API Keys and embed them in your javascript application or website.
  • Make some requests and start working with our automotive market data.

Creating Our SubUser API Keys

Section Highlights

  • SubUser API Keys are not available when accessing our API through a thrid party provider. You must have an account with us if you want to use SubUser Keys in your application.
  • Make a request to the /makeSubUserKey endpoint and specify the domain of your site and endpoints you want the key to have access to. You can pick any endpoints that require a JWT (JSON Web Token) as an argument and all calls are billed at your normal rate for the endpoint's tier.
  • and are two different domains. Keys made for one domain will not work on the other. and are the same domain and can both use the same SubUser Key.
  • Keys for will not work on 'localhost' and vice versa. We recomend you create a SubUser Key for 'localhost' for testing and development of your application, but keys for 'localhost' should never be shared or published in your application.
  • You can view your issued SubUser Keys and metadata by calling the /getSubUserKeys endpoint.
  • You can revoke a SubUser Key at any time by calling the /revokeSubUserKey endpoint and providing the key's UUID.
  • Users on a basic plan can only make SubUser Keys for 'localhost'. If you want to add our data to your site you need a higher tier plan.
  • Our javascript library is available via Jsdelivr's CDN minified and non minified
Show full text

When you create a SubUser API Key you specify the domain allowed to make the requests and the endpoints the SubUser Key is allowed to access. Users with a paid plan can specify any domain they'd like, but users on a free or basic plan may only make keys for 'localhost'.

You can create a SubUser API Key programatically by making a POST request to our /makeSubUserKey endpoint or you can manually create one on the docs page. You will need to specify the domain the key will be used on, but be aware that and are two different domains and the key for one will not work on the other . If your users can access your application via either domain, then create two keys (one for each domain) and have some javascript on the page determine which domain was loaded and pick the corresponding key. You should also make at least one SubUser Key with the domain of 'localhost' for building and testing your application. A SubUser Key with a different domain will not work on 'localhost'.

In addition to the domain you will also need to pick the endpoints the SubUser Key will be able to access. You should only pick endpoints you intend to use in your application to help reduce the potential for misuse. By default the "endPoints" argument is ["*"] which means all endpoints. At time of writing there is a visual bug in the openAPI documentation renderer that causes the "endPoints" argument for the /makeSubUserKey endpoint to render as ["string"]. This is a visual bug only and is interpreted by our API as ["*"] meaning all endpoints. You can also see the default value by clicking on the schema next to it.

When you create a SubUser key the "token" value returned is used to access the endpoints you specified as the "jwt" value in the request. This "token" is valid until revoked and can only be used for requests to the specified endpoints from the specified domain. If you ever need to retrieve the value of a SubUser API Key you can make a request to the /getSubUserKeys endpoint to see all SubUser Keys you've created and their associated metadata. You can revoke a SubUser Key with a call to the /revokeSubUserKey endpoint with the key's specified UUID.

Setup Your Template

Once you have your SubUser API Key you can just embed it in your html document. We have a skeleton template below taken from our dashboard demo that uses Vue.js to populate a dropdown and perform an action. We use AJAX and callbacks to populate the skeleton with data and our cisapi library provides javascript bindings for our API.