Authentication

How to authenticate with the Joyfill Platform

You can authenticate requests to Joyfill using an API key or a User Access Token. Joyfill responds with an error if you don’t include a valid authentication method or if the authentication method is expired.

  • API Keys - Used for authenticating secure backend requests.
  • User Access Tokens - Used for authenticating client-side (web & mobile) requests.

API Keys


API Keys are used for authenticating secure backend requests. API Keys can be created inside the Joyfill Manager API Keys page.

Creation

You can use the Joyfill Manager to view, revoke, and create API keys.

Follow the steps below to create a new API Key inside Joyfill Manager:

  • Step 1: In the top navigation bar select the "Settings and Users" tab. When the menu appears select "API Keys". This will navigate you to the API Keys page.
  • Step 2: Select the "Add Key" button (securely copy and store your public and secret key. This is the only time you will have access to the secret key.)
  • Step 3: You will need to base64 encode your Public and Secret keys before they can used with the API. See instructions below.

Base64 Encoding

You can encode your API keys using the command: echo -n <YOUR_PUBLIC_KEY>:<YOUR_SECRET_KEY> | base64. An example of the command is shown below:

echo -n pk_pnUBoEpGNtCq31LbY3Oxgvsw2UO9:sk_SVcxWggo642Wq3sfVW8AuxIFw2cT | base64

Usage

You must authenticate using HTTP basic authentication. Use your API Public Key as the username, and the API Secret as the password.

You must send an Authorization header with the value Basic followed by base 64 encoded public_key:secret_key .

Header example:

Authorization: Basic cHVibGljX2tleV9leGFtcGxlOnNlY3JldF9rZXlfZXhhbXBsZQo

User Access Tokens


User Access Tokens are used for authenticating client-side (web & mobile) application requests .

User access tokens can be created, retrieved and revoked via the User Access Token API endpoints and inside the Joyfill Manager users page.

Creation

There are two ways to create a User Access Token. The first is from the user page within the Joyfill Manager and the other is via our API. See below for more details.

Option 1: Joyfill Manager

Follow the steps below to generate a User Access Token for your own user account in the Joyfill Manager:

  • Step 1: Login to the Joyfill Manager
  • Step 2: In the top navigation bar select the "Settings and Users". When the menu appears select "Manager Users". This will navigate you to the Users page.
  • Step 3: Select the "Access Tokens" button next to your user account.
  • Step 4: Click the "Add Access Token" button (securely copy and store your user access token.)

Option 2: API Request

Learn more: Creating User Access Tokens

Usage

You must authenticate using HTTP bearer authentication.

You must send an Authorization header with the value Bearer followed by the user access token.

Header example:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbiI6IjYzYTBjOTZhZTJhZTg2N2Q1ZDE3ZjExNCIsImV4cGlyZXNPbiI6MTY3OTI4ODM5OTk5OX0.QZxoPkb2HAl1C0n4C9FTacEmbPb2DHVMa_iPn4cC08o