Authenticating with your Application credentials

After you have registered an application on the site, you can use this application's credentials to authenticate your requests.

This will grant you a higher daily request rate limit in order to be able for your application to consume the API comfortably.

There are two ways you can send your credentials, sending them as GET parameters (discouraged) or as an HTTP request header (Encouraged).

Sending your credentials as an HTTP request

This is the encouraged method for sending your application credentials.

You must include your application's Key and Secret as an HTTP Authorization header in the following format:

Authorization: app <key>:<secret>

For example if my application's key is ABCD and its secret is 1234 I would send authenticate with the following curl command:

$ curl -i -H 'Authozation: app ABCD:1234' https://api.bratabase.com/

You should use your language's HTTP library to add the adequate header to your requests.

Sending your credentials as a GET parameter

This method is not encouraged but it is supported for its simplicity and ease of use.

To do it just send your application's key and secret as app_key and app_secret GET parameters respectively on the URL.

Using the before mentioned example credentials, I would send an authenticated request with the following curl command:

$ curl -i https://api.bratabase.com/?app_key=ABCD&app_secret=1234
Why is this a bad idea? The problem with this method is that your credentials are visible in the URL, and any proxy, server log, or middleware that exists between you and the API may log your request's URLs this way storing your application credentials. They are now on somebody else's hands and your only option is to create a new application.
When is this a good idea? If you plan to use this application to make one off scripts, or don't plan to have users authorize tokens to it, you are good to use this, since you will be tossing this application soon. Remember that you can create as many apps as you like.

Related


Edit