Authentication

How to get connected

API Personal Access Tokens

To connect to REST API, you will need a Personal Access Token (PAT).

You can create an API Access Token within the Airship dashboard. Head to Users > Personal Access Tokens to do this. We have full details on how to do this over on our Academy article here >‚Äč

Tokens

REST API uses Personal Access tokens to authenticate API requests. So before making any request to a protected resource, you'll need to make sure you have a valid token, as you'll need to include this in your authorisation header on each request.

Personal Access Tokens do not refresh. Make sure you handle and store this token securely. If it becomes compromised, make sure you revoke access for it.

Using tokens in requests

Whenever the user wants to access a protected route or resource, the user agent should send their token in the Authorization header using the Bearer schema. The content of the header should look like the following:

Authorization: Bearer <access_token>

Authentication failure

If you are not authorised and you attempt to make a request to a protected endpoint, the API will return JSON with errors.Authentication Failure

{
"errors": [
{
"message": "Unauthorized",
}
]
}