Basic Authentication

Basic authentication is an authentication method supported by the API.

Basic authentication is a standard mechanism for providing authentication to an API. It accepts a username and password.

Specifically to Sunshine Conversations, the username and password comes from API keys. The username is the id and the password is the secret.

Usage

API Libraries

API libraries simplify the usage of basic authentication by accepting directly a username and password. See their documentation for specific instructions.

Manually

The credentials are passed through the HTTP Authorization header. The content is Basic, followed by a space, followed by the base 64 of the string that contains the API key id and secret joined by :.

Pseudo code:

Authorization: Basic base64("keyid:secret")

However, most languages have HTTP libraries offer a way to pass the API key id and secret as the username/password directly.

curl

curl supports the --user option to simplify the usage of basic authentication.

# Fetching an app user
curl https://api.smooch.io/v1.1/5963c0d619a30a2e00de36b8/appusers/c7f6e6d6c3a637261bd9656f \
     --user 'keyId:keySecret'

Scope of access

As explained in the authentication overview, each request has an associated scope of access. When using basic authentication, the scope of access is determined implicitly by the owner of the API key used in the request.

API key ownerscope of access
App (most common)app - All of the users and conversations created within an app, as well as app configuration details including integrations and webhooks.
User accountaccount - see the account provisioning guide for more information
Service accountaccount - see the account provisioning guide for more information