Basic authentication is an authentication method supported by the API.
Basic authentication is a standard mechanism for providing authentication to an API. It accepts a username and password.
Specifically to Smooch, the username and password comes from API keys. The username is the id and the password is the secret.
API libraries simplify the usage of basic authentication by accepting directly a
password. See their documentation for specific instructions.
The credentials are passed through the HTTP
Authorization header. The content is
Basic, followed by a space, followed by the base 64 of the string that contains the API key id and secret joined by
Authorization: Basic base64("keyid:secret")
However, most languages have HTTP libraries offer a way to pass the API key id and secret as the username/password directly.
curl supports the
--user option to simplify the usage of basic authentication.
# Fetching an app user curl https://api.smooch.io/v1.1/5963c0d619a30a2e00de36b8/appusers/c7f6e6d6c3a637261bd9656f \ --user 'keyId:keySecret'
As explained in the authentication overview, each request has an associated scope of access. When using basic authentication, the scope of access is determined implicitly by the owner of the API key used in the request.
|API key owner||scope of access|
|App (most common)|