API Authorization
What is Bearer Authentication?
What is Bearer Authentication?
FlatPeak uses Bearer authentication (also called token authentication) to authorise access to API endpoints. This is an HTTP authentication scheme that involves security tokens called bearer tokens. The name “Bearer authentication” can be understood as “giving access to the bearer of this token.” The bearer token is a cryptic string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources.
Authenticating to FlatPeak API
Follow two simple steps below to start making requests to FlatPeak API endpoints:
Get an API key
You can create, view and delete API keys in
Create a bearer token
To make requests to FlatPeak API endpoints, you first need to generate a bearer_token
at the login endpoint. This endpoint uses HTTP Basic Authentication. The username is your FlatPeak account_id
and the password is the api_key
.
You can use the bearer_token
to make calls to any FlatPeak API endpoints until it expires. The expiry time is returned together with the token in the expires_in
field. Get a new token before the one you are using expires to avoid failed requests.