Authentication

The CreateTOTALLY API uses API keys to authenticate requests.

Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed via HTTP Basic Auth or the HTTP api-key header.

caution

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

HTTP Basic Auth

Provide your API key base64 encoded as the basic auth username value. You do not need to provide a password or the colon.

"Authorization": "Basic your_enconded_api_key"

Reference: https://en.wikipedia.org/wiki/Basic_access_authentication

HTTP api-key Header

Provide your API key in the api-key HTTP header. This should not be base64 encoded.

"api-key": "your_api_key"

HTTP Basic Auth​

HTTP api-key Header​

HTTP Basic Auth

HTTP api-key Header