How to authenticate with Akahu's API

User-specific endpoints

This is the type of authentication required for most of our endpoints. A good rule of thumb is to ask yourself "Is this request related to a specific user?".

The following two headers are required:

Authorization: Bearer {{ User Access Token }}
X-Akahu-ID: {{ App ID Token }}

For more information about getting these, see Getting Started

App-specific endpoints

Some endpoints don't make sense to be user-specific. We provide these resources at the app level, using your App ID Token and secret for authentication.

These endpoints require HTTP Basic Authentication, using your App ID Token as the username and your App Secret as the password.

All endpoints requiring app-specific auth are explicitly labelled in the API reference.