# TPS JSON API headers and authentication Source: [https://docs.qualcomm.com/doc/80-42204-1/topic/aps-json-api-headers-and-auth.html](https://docs.qualcomm.com/doc/80-42204-1/topic/aps-json-api-headers-and-auth.html) To implement the Terrestrial Positioning Service (TPS) API, the device must collect data about the radio signal environment, including Wi-Fi access point MAC addresses, cell tower IDs, and signal strengths. This data is then submitted using the TPS API. Along with this data, if accessible, include GPS location information to improve location results even when GPS is unavailable. Starting from TPS v2.21, GPS switching has been added to server-side functionality. ### HTTP headers For API calls, always use DNS instead of hard coded IP addresses as they aren't supported by the TPS and can cause a failure in returning location requests. A new optional `Skyhook-Request-Token` HTTP header has been introduced in protocol v2.28. Clients can choose to include an opaque `messageID` in the `Skyhook-Request-Token` header in any type of request, and the API server will echo back the provided value as a `Skyhook-Request-Token` header in the corresponding response. If all API calls are forwarded from a centralized server before reaching the TPS API endpoint, the X-Forwarded-For (XFF) HTTP header must be used with the original public API address of the device making the request. Consider the following example of an HTTP header: Forwarded: for=192.0.2.60; proto=http; by=203.0.113.43Copy to clipboard The XFF header is a standard used to identify the original IP address of a client connecting to a web server through one or more proxies or load balancers. It helps preserve the client’s identity across layers of infrastructure. ### API key An evaluation license agreement is required to obtain an API key for TPS. For more information about the license agreement, contact the Qualcomm TPS team at [sales.tps@qti.qualcomm.com](mailto:sales.tps@qti.qualcomm.com). ### Unique device ID With each unique location request, it's recommended to submit a unique device ID or `user` for the end-user device. This enables more accurate location results and impacts the redundancy of how location data is processed and weighted for optimization. If `user` isn't provided, reporting and API performance may be impacted. Note: Individual device IDs aren't stored permanently in Qualcomm’s system, but are stored with a rotating hash in accordance with Qualcomm user and commercial privacy policies. ### Endpoint URL The TPS API endpoint URL of JSON-formatted requests is [https://global.skyhook.com/wps2/json/location](https://global.skyhook.com/wps2/json/location). ## HTTP authentication methods Source: [https://docs.qualcomm.com/doc/80-42204-1/topic/aps-json-api-headers-and-auth.html](https://docs.qualcomm.com/doc/80-42204-1/topic/aps-json-api-headers-and-auth.html) The TPS JSON API request can be authenticated using: - HTTP headers via: - Authentication key and user name - Token - HTTP URL parameters ### HTTP header-based authentication - **Auth-key and user name**: Submit a request with `Skyhook-Auth-Key` header containing the API key along with optional `Skyhook-Auth-User` containing the user name associated with the key. Note: An evaluation license agreement is required to obtain an API key for TPS. For more information about license agreement, contact Qualcomm TPS team at [sales.tps@qti.qualcomm.com](mailto:sales.tps@qti.qualcomm.com). - **Token**: Skyhook supports a token-based registration and authentication model, available on a per request basis. For more information, see [Token-based registration](https://docs.qualcomm.com/doc/80-42204-1/topic/24_Token_based_registration_using_a_license.html) or contact Qualcomm TPS team at [support.tps@qti.qualcomm.com](mailto:support.tps@qti.qualcomm.com). ### HTTP URL parameters-based authentication The TPS API JSON request body doesn't contain explicit authentication section. Rather, the API key and user ID are encoded into the request endpoint URL. https://global.skyhookwireless.com/wps2/json/location? key="&user="Copy to clipboard Last Published: Mar 17, 2026 [Previous Topic Introduction to TPS JSON API](https://docs.qualcomm.com/bundle/publicresource/80-42204-1/topics/1_Introduction_to_Terrestrial_Positioning_Service_API.md) [Next Topic TPS JSON API request](https://docs.qualcomm.com/bundle/publicresource/80-42204-1/topics/4_TPS_JSON_API_request.md)