Authentication
All calls to the API need to be authenticated using Application Keys
or Access Tokens
.
An Application Key
allows you to register application users. User Tokens
allow you to perform actions on behalf of a registered user, including logging and viewing meals.
Admin Tokens
are used to perform administrative operations such as managing applications and users.
HTTP Authorization Headers
Tokens and application keys should be included using an Authorization
HTTP header with the Bearer
authentication scheme in the following format:
Authorization: Bearer asklh2kl5rh3lkdfsjahfadjkls
Application Key
The API for creating users is authenticated using an application key. The application key is safe to include and publish in mobile apps. An application key is generated for you when you create a new application on the applications dashboard page.
For more on Applications Key see the API Reference.
User Token
All user specific calls are authenticated using user tokens. You can view active user tokens here.
The token should be provided with each request using the Authorization
HTTP Header. The value of the header must start with
Bearer
followed by the token. Below is an example of using the key to authenticate an API call.
For more information please see the API reference on User Bearer Tokens.
Admin Token
The API has admin tokens which are used to authenticate endpoints for managing applications or users. This token must never be included in client side code. You can access the list of your administrative tokens for your account here.
It should be included in your requests via the Authorization
HTTP Header. The value of the header must start with
Bearer
followed by your key. Below is an example of using the key to authenticate an API call.
import biteaiadmin = biteai.Admin(token='[insert token here]')apps = admin.applications.list()
For more information please see the API reference on Admin Bearer Tokens.