Authorization

How to authorise your requests to Akahu's API

User-specific endpoints

This is the type of auth required for most of our endpoints. A good rule of thumb is to ask yourself "Is this request to do with a user?".

The following two headers are required:

Authorization: Bearer {{user access token}}
X-Akahu-ID: {{app access token}}

For more information about getting these, see Getting Started

App-specific endpoints

Some endpoints don't make sense to be user-specific. We provide these resources at the app level, using your app token and secret for authorization.

These endpoints require HTTP Basic Auth, with the username being your App Token and the password being your App Secret.

All endpoints requiring app-specific auth are explicitly labeled in the API reference.