API: Provide an access token

00001012050600 · Info · (manual) · #api #manual #zettelstore

The authentication process provides you with an access token. Most API calls need such an access token, so that they know the identity of the caller.

You send the access token in the Authorization request header field, as described in RFC 6750, section 2.1➚. You need to use the Bearer authentication scheme to transmit the access token.

For example (in plain text HTTP):

GET /z HTTP/1.0
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJfdGsiOjEsImV4cCI6MTYwMTczMTI3NSwiaWF0IjoxNjAxNzMwNjc1LCJzdWIiOiJhYmMiLCJ6aWQiOiIyMDIwMTAwMzE1MDEwMCJ9.ekhXkvn146P2bMKFQcU-bNlvgbeO6sS39hs6U5EKfjIqnSInkuHYjYAIfUqf_clYRfr6YBlX5izii8XfxV8jhg

Note, that there is exactly one space character (, U+0020) between the string Bearer and the access token: Authorization:␣Bearer␣eyJhbGciOiJIUzUxMiJ9.ey....

If you use the curl➚ tool, you can use the -H command line parameter to set this header field.