In order to secure your data, Keyline requires API users to authenticate before they can access any information. This is done by supplying an API access token in the HTTP header with every request that you make.

Be sure to keep access tokens secret. With great power comes great responsibility!

Authorization header

To gain API access you must supply an HTTP header with the name "Authorization" and the contents "Bearer your access token", like so:

curl -H "Authorization: Bearer 4b00c2cbffba2d16d24dd8adf0e843e6b143b54dbf800ce7ef12d431927ef63f"

HTTP/1.1 200 OK

If you didn't send any token, your access token is wrong or you're not allowed to access the requested resource, you'll get

HTTP/1.1 401 Unauthorized

Token administration

You can add or revoke access tokens in Keyline in the Settings > API section.

What's best to read next?