Using our API
OpenAPI Specification
We provide an OpenAPI specification that can be used to build API clients or for importing into other tools such as Postman. Our specification can be downloaded here.
Authentication
We allow two methods of authenticating users: API keys and HTTP Bearer tokens.
API Keys
API Key authorization is the mechanism to be used by external applications. API keys will typically be long-lived, as such they should be kept secret and treated like any other password.
Authorization is performed by providing the API key in an X-API-Key
header.
HTTP Bearer tokens
HTTP Bearer token authorization is the mechanism to be used for other types of clients. Depending on the token scope, these tokens may provide access to all endpoints.
Bearer tokens must be obtained and refreshed through our identity provider.
Authorization is performed by providing the bearer token in an Authorization header, for example: Authorization: Bearer <token>
.
Updated 22 days ago