Overview
For all product information and purchases, please consult the meteoblue Weather API product page.
The following pages here contain all technical information about the meteoblue Weather APIs.
For questions regarding the API v2 migration, please check our API v2 FAQ. This page contains all technical information about the new meteoblue API.
We aim to provide a seamless migration process to the new API version. The current API will be replaced with the new API on 2024-03-04 at 10:00 CET.
meteoblue offers APIs for on-demand access to weather data via simple HTTP APIs. Customers can request weather data in multiple formats or ready-to-use visualizations. The API serves requests almost instantaneously and can be integrated into automated systems, websites or applications.
Weather data can be retrieved by coordinates with latitude and longitude for every place world wide. By using now-casting based on measurement stations, radar and satellite telemetry the forecast is always up to date. meteoblue's unique approach to combine multiple weather models with machine learning algorithms produces the best possible weather forecast.
The following API URL retrieves the current weather forecast in hourly and daily resolution for Basel, Switzerland: http://my.meteoblue.com/packages/basic-1h_basic-day?lat=47.558&lon=7.573&apikey=DEMOKEY
meteoblue offers different types of Weather API products:
Product | Product Description | Technical Documentation | Product Page |
---|---|---|---|
Free Weather API | Instant access to meteoblue high-accuracy weather forecast data | Free Weather API | Free Weather API |
Forecast API | Data packages as CSV or JSON for weather forecast data | Forecast API | Forecast API |
History API | Single variable data as CSV or JSON for historical weather data | History API | History API |
Image API | Charts as PNG images like meteograms, pictoprints or cross sections | Image API | Image API |
Maps API | Weather maps, satellite and radar images | Maps API | Maps API |
Dataset API | Access to whole meteoblue weather data archive | Dataset API | Dataset API |
Further APIs | Location Search API, Account API & PNG Maps API | Further APIs |
API Access
To access the meteoblue Weather APIs you need to get an API key. Please contact [email protected] to apply for an free API key trial. We offer demand-based or flat-rate pricing.
The API key must be appended to all API calls. The example API URL above uses &apikey=DEMOKEY
. An API key should be kept private to prevent misuse. The meteoblue API also offers signature mechanisms to protect the API key in dynamic web applications or mobile apps.
An API key is typically limited to the number of calls per day for individual data package, image or weather map. Without further agreement, we impose a rate limit of 500 calls per minute.
Signing API Calls
API calls are only authorized by API keys. To prevent unauthorized access, we offer a signature mechanism with a shared secret. On request we will associate a shared secret with your API key and enforce the signature security policy.
To sign an API call you have to add a Unix timestamp to your URL and calculate an SHA256 hash of the query string and the assigned shared secret. API queries can be signed with HMAC SHA-256. Below you will find examples of how to achieve this in various languages.
- PHP
- JavaScript
- C#
- Python
- Java
- Go
- Ruby
$sharedSecret = "MySharedSecret";
$query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800";
$sig = hash_hmac("sha256", $query, $sharedSecret);
$signedUrl = "https://my.meteoblue.com" . $query . "&sig=" . $sig;
// Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
const sharedSecret = "MySharedSecret";
const query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800";
const sig = require('crypto').createHmac('sha256', sharedSecret).update(query).digest('hex');
const signedUrl = `https://my.meteoblue.com${query}&sig=${sig}`;
// Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
using System;
using System.Security.Cryptography;
using System.Text;
class Program
{
static void Main()
{
string sharedSecret = "MySharedSecret";
string query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800";
using (HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(sharedSecret)))
{
byte[] data = Encoding.UTF8.GetBytes(query);
byte[] sigBytes = hmac.ComputeHash(data);
string sig = BitConverter.ToString(sigBytes).Replace("-", "").ToLower();
string signedUrl = $"https://my.meteoblue.com{query}&sig={sig}";
// Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
}
}
}
import hashlib
import hmac
sharedSecret = "MySharedSecret"
query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800"
sig = hmac.new(sharedSecret.encode(), query.encode(), hashlib.sha256).hexdigest()
signedUrl = f"https://my.meteoblue.com{query}&sig={sig}"
# Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.io.UnsupportedEncodingException;
public class Main {
public static void main(String[] args) {
String sharedSecret = "MySharedSecret";
String query = "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800";
try {
Mac sha256Hmac = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKey = new SecretKeySpec(sharedSecret.getBytes("UTF-8"), "HmacSHA256");
sha256Hmac.init(secretKey);
byte[] hmacBytes = sha256Hmac.doFinal(query.getBytes("UTF-8"));
String sig = Base64.getEncoder().encodeToString(hmacBytes);
String signedUrl = "https://my.meteoblue.com" + query + "&sig=" + sig;
// Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
} catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
e.printStackTrace();
}
}
}
package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"fmt"
)
func main() {
sharedSecret := "MySharedSecret"
query := "/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800"
h := hmac.New(sha256.New, []byte(sharedSecret))
h.Write([]byte(query))
sig := hex.EncodeToString(h.Sum(nil))
signedUrl := fmt.Sprintf("https://my.meteoblue.com%s&sig=%s", query, sig)
// Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
}
require 'openssl'
sharedSecret = 'MySharedSecret'
query = '/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800'
digest = OpenSSL::Digest.new('sha256')
hmac = OpenSSL::HMAC.hexdigest(digest, shared_secret, query)
signedUrl = "https://my.meteoblue.com#{query}&sig=#{hmac}"
# Result: https://my.meteoblue.com/packages/basic-1h?lat=47.1&lon=8.6&apikey=DEMOKEY&expire=1924948800&sig=a1fe106e1a0d31b122305f569532d2f646ad722d7a90bed69971bb8ce4466856
A maximum expiration time (&expire=1924948800
, standing for 2030-12-31 12:00pm) can be specified to limit the validity of a call to a fixed unix timestamp. If it is not specified, the API query can be repeated indefinitely, but any modification to the URL will break the signature.
If UTF-8 characters are present in URL parameters, it is necessary to encode them before calculating the SHA256 HMAC signature. In PHP this can be done using the function urlencode().
$query = "/packages/basic-1h?lat=52.41&lon=16.93&city=" . urlencode("Poznań");
// Result /packages/basic-1h?lat=52.41&lon=16.93&city=Pozna%C5%84
This feature is intended to integrate meteoblue APIs directly into web-interfaces. We recommend a 10 minutes expire time. For more dynamic applications like mobile apps we recommend, that users are authorized on your systems and then signed URLs to the meteoblue APIs are returned.