-
Notifications
You must be signed in to change notification settings - Fork 0
RebelMouse Private API Authorization
Our REST API service uses a key based authorization that could be managed in your Account page. You can find your own API key in form of a 64 character string, and note that we will be able to identify you with it, so please do not share it.
All client requests are authorized using valid API keys via a specific HTTP header or query string. Query string takes priority over HTTP header, so query string will be considered if you send both at the same time.
In order to authorize requests using "api_key" query string, you need to send it as follows:
<HTTP-METHOD> <domain>/api/<version>/<path>?api_key=<api_key>
In order to authorize requests using HTTP header named "X-RMAuth", you need to perform as follows:
<HTTP-METHOD> <domain>/api/<version>/<path> X-RMAuth: <api_key>
If you send invalid API keys, you are going to get a response with HTTP 403 Forbidden status and the following payload:
{
"status": {
"code": null,
"messages": ["API key is not valid"]
},
"data": null
}