meteoblue offers APIs for on-demand access to weather data via simple HTTP APIs. Customers can request weather data in multiple formats or ready-to-use visualizations. The API serves requests almost instantaneously and can be integrated into automated systems, websites or applications.
Weather data can be retrieved by coordinates with latitude and longitude for every place world wide. By using now-casting based on measurement stations, radar and satellite telemetry the forecast is always up to date. meteoblue's unique approach to combine multiple weather models with machine learning algorithms produces the best possible weather forecast.
The following API URL retrieves the current weather forecast in 1 hour resolution for Basel, Switzerland: http://my.meteoblue.com/packages/basic-1h?lat=47.56&lon=7.57&asl=279&apikey=DEMOKEY
meteoblue offers different types of APIs:
|API||Description||Link to documentation|
|API+||Instant access to meteoblue high-precision weather forecast data||API+|
|Package API||Data packages as CSV or JSON for forecast and historical weather data||Packages API|
|Images API||Charts as PNG images like meteograms, pictoprints or cross sections||Images API|
|Maps API||Weather maps, satellite and radar images||Maps API|
|Dataset API||Access to whole meteoblue weather data archive||Dataset API|
|Further APIs||Location Search API, Account API & PNG Maps API||Further APIs|
To access the meteoblue API you need to get an API Key. Please contact email@example.com to apply for an free API Key trial. We offer demand-based or flat-rate pricing.
The API Key must be appended to all API calls. The example API URL above uses
&apikey=DEMOKEY. An API Key should be kept private to prevent misuse. The meteoblue API also offers signature mechanisms to protect the API Key in dynamic web applications or mobile apps.
An API Key is typically limited to the number of calls per day for individual data package, image or weather map. Without further agreement, we impose a rate limit of 500 calls per minute.
Signing API Calls
API calls are only authorized by API keys. To prevent unauthorized access, we offer a signature mechanism with a shared secret. On request we will associate a shared secret with your API key and enforce the signature security policy.
To sign an API call you have to add a Unix timestamp to your URL and calculate an SHA256 hash of the query string and the assigned shared secret. API queries can be signed with HMAC SHA-256. With PHP it is fairly simple:
$shared_secret = "MySharedSecret"; $query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1609416000"; $sig = hash_hmac("sha256", $query, $shared_secret); $signedUrl = "https://my.meteoblue.com" . $query . "&sig=" . $sig; // Result: http://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1609416000&sig=ab37e89d7c724fd1a6c4025cb4d1fd07
A maximum expiration time (
&expire=1609416000, standing for 2020-12-31 12:00pm) can be specified to limit the validity of a call to a fixed unix timestamp. If it is not specified, the API query can be repeated indefinitely, but any modification to the URL will break the signature.
If UTF-8 characters are present in URL parameter, it is necessary to encode them before calculating the SHA256 HMAC signature. In PHP this can be done using the function urlencode().
$query = "/packages/basic-1h?lat=52.41&lon=16.93&city=" . urlencode("Poznań"); // Result /packages/basic-1h?lat=52.41&lon=16.93&city=Pozna%C5%84
This feature is intended to integrate meteoblue APIs directly into web-interfaces. We recommend a 10 minutes expire time. For more dynamic applications like mobile apps we recommend, that users are authorized on your systems and then signed URLs to the meteoblue APIs are returned.