Use an API token

Use an API token to programmatically authenticate a user or a service through API calls.

Pass an API token with an API request

To use an API token to programmatically authenticate a user or a service:

  1. Sign in to the Intelligence Center.

  2. Create an API token.

  3. Pass it as a Bearer token: include the Authorization: Bearer ${API_token_value} HTTP header in any API requests to the public API endpoints of the Intelligence Center.
    Example:

    # Example: request a complete list of content packages for the specified feed
    curl -X GET \
    -v \
    --insecure \
    -i \
    -H "Content-Type: application/json" \
    -H "Authorization:Bearer eyJhbGciOiJU ... wiZ1oxNTEwaTIyNDcwfQ.eyJ1c2VyX2lk1jo3fQ.3o65E263hSGf4od5o4eoME2GRF-CnYJvaVg69YTq9HU" \
    --url https://${intelligence_center_host}/feeds/downloads/200

    • If you make HTTPs cURL calls to the API, and if you have a self-signed or an invalid certificate, include the -k or the --insecure parameter in the cURL call to skip the SSL connection CA certificate check.

    • Always append a / forward trailing slash at the end of an API URL endpoint.
      The only exception is /auth, which does not take a forward trailing slash.

    • In the cURL call, the -d data payload with the entity information must be flat JSON, not hierarchical JSON.
      To pass a hierarchical JSON object, include the --data-binary parameter, followed by the path to the JSON file, for example @/path/to/entity_file.json
      Example: --data-binary @/path/to/entity_file.json