Authentication
How to authenticate with the Joyfill Platform
You can authenticate requests to Joyfill using an API key or a User Access Token. Joyfill responds with an error if you don’t include a valid authentication method or if the authentication method is expired.
- API Keys - Used for authenticating secure backend requests.
- User Access Tokens - Used for authenticating client-side (web & mobile) requests.
API Keys
API Keys are used for authenticating secure backend requests. API Keys can be created inside the Joyfill Manager API Keys page.
Creation
You can use the Joyfill Manager to view, revoke, and create API keys.
Follow the steps below to create a new API Key inside Joyfill Manager:
- Step 1: In the top navigation bar select the "Settings and Users" tab. When the menu appears select "API Keys". This will navigate you to the API Keys page.
- Step 2: Select the "Add Key" button (securely copy and store your public and secret key. This is the only time you will have access to the secret key.)
- Step 3: You will need to base64 encode your Public and Secret keys before they can used with the API. See instructions below.
Base64 Encoding
You can encode your API keys using the command: echo -n <YOUR_PUBLIC_KEY>:<YOUR_SECRET_KEY> | base64
. An example of the command is shown below:
echo -n pk_pnUBoEpGNtCq31LbY3Oxgvsw2UO9:sk_SVcxWggo642Wq3sfVW8AuxIFw2cT | base64
Usage
You must authenticate using HTTP basic authentication. Use your API Public Key as the username, and the API Secret as the password.
You must send an Authorization header with the value Basic followed by base 64 encoded public_key:secret_key
.
Header example:
Authorization: Basic cHVibGljX2tleV9leGFtcGxlOnNlY3JldF9rZXlfZXhhbXBsZQo
User Access Tokens
User Access Tokens are used for authenticating client-side (web & mobile) application requests .
User access tokens can be created, retrieved and revoked via the User Access Token API endpoints and inside the Joyfill Manager users page.
Creation
There are two ways to create a User Access Token. The first is from the user page within the Joyfill Manager and the other is via our API. See below for more details.
Option 1: Joyfill Manager
Follow the steps below to generate a User Access Token for your own user account in the Joyfill Manager:
- Step 1: Login to the Joyfill Manager
- Step 2: In the top navigation bar select the "Settings and Users". When the menu appears select "Manager Users". This will navigate you to the Users page.
- Step 3: Select the "Access Tokens" button next to your user account.
- Step 4: Click the "Add Access Token" button (securely copy and store your user access token.)
Option 2: API Request
Learn more: Creating User Access Tokens
Usage
You must authenticate using HTTP bearer authentication.
You must send an Authorization header with the value Bearer followed by the user access token.
Header example:
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbiI6IjYzYTBjOTZhZTJhZTg2N2Q1ZDE3ZjExNCIsImV4cGlyZXNPbiI6MTY3OTI4ODM5OTk5OX0.QZxoPkb2HAl1C0n4C9FTacEmbPb2DHVMa_iPn4cC08o
Updated 4 months ago