Contents

Use Authorization Tokens to Access APIs

You can use the token received in response to a request to the Authentication API to authorize with other APIs. Here are the APIs that support token-based authorization:

To authorize when using these APIs, transfer the token in the request header:

AuthorizationJWT
required
Authorization token.
  • Format: Bearer [token]
  • Where [token] is substituted by the token value obtained through the authentication API.

Let us suppose that you received the following response to your request to the Authentication API:

{
  "token": "fj45u923j59ju42395iu9423i59243u0",
  "refresh_token": "4e283bb7620068c42d6"
}

When making the request to another API, transfer in the request header:

AuthorizationJWT: Bearer fj45u923j59ju42395iu9423i59243u0

When using Postman, you can add the Token variable to the Environment settings and insert the token value automatically into your requests to other APIs.

Example of variables set up in Postman
Example of token transfer using postman

If authorization with the token is not performed, then the HTTP/1.1 401 Unauthorized response code and the error description return in the response body in JSON format.

Error Message Description
1007 Your token is invalid. Authorization failed, your token value is invalid.
1008 Missing token. Authorization failed, your token has not been transferred.
1009 Your token is expired. Authorization failed, your token has expired.
{
  "errors": [
    {
      "error": 1007,
      "message": "Your token is invalid."
    }
  ]
}