Every endpoints need to authorize with API_TOKEN
at headers. API_TOKEN
is unique for every client and have expired date depending on client request. You can ask administrator to generate API_TOKEN
for you.Treat API_TOKEN
the same way you would treat your passwords or other sensitive credentials. Don't share it using an unencrypted messaging or email system to unauthorized person. You are responsible for any data changed or loss through API_TOKEN
request.
For example if you want to get a detail of client information, you can try
GET : /api/me
{
API_TOKEN: "YOUR-API-TOKEN-CODE"
}
Request Headers application/json | Required |
---|
API_TOKEN string | yes |