Authentication¶

To authenticate with the API you will need a suitably configured administrator account, with the relevant permissions for the actions you wish to perform.

Administrator accounts can be created and configured here:

https://admin.caremessenger.co.uk

Obtaining the API token for a user¶

To obtain the API token for a user you can send a HTTP POST request to the following URL:

https://api.caremessenger.co.uk/api-token-auth/

This endpoint will return a JSON response when valid username and password fields are POSTed using form data or JSON:

{
    "token": "eyJ0eXAiOiJKV1QiLCJdfdGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo4MjksInVzZXJuYW1lIjoic3RhZ2luZ19zdXBwb3J0ZXIiLCJleHAiOjE2OTE0NDMzODYsImVtYWlsIjoic3RhZ2luZy1zdXBwb3J0ZXJAc3VwLmNvbSIsIm9yaWdfaWF0IjoxNjc1ODkxMzg2fQ.hW1HGaUa9GeFxuxXGouMzBApEaAl4rCjtkrD24lpS4s",
    "user": {
        "id": 829,
        "online": false,
        "user_type": "supporter",
        "username": "staging_supporter",
        "email": "staging-supporter@sup.com",
        "slug": "staging_supporter",
        "first_name": "Staging",
        "last_name": "Supporter",
        "is_active": true,
        "date_joined": "2015-06-04T10:39:15.947944Z",
        "locale": "en-GB",
        "time_zone": "Europe/London",
        "avatar": "https://infotube-api-staging.s3.amazonaws.com:443/users/avatars/f3ef3adac18abf5a241f97208f5679da2da63415.jpg",
        "avatar_original": "https://infotube-api-staging.s3.amazonaws.com:443/users/avatars/f3ef3adac18abf5a241f97208f5679da2da63415.jpg",
        "avatar_thumb": "https://infotube-api-staging.s3.amazonaws.com:443/CACHE/images/users/avatars/f3ef3adac18abf5a241f97208f5679da2da63415/43309b841ae7103e7bf57dbc2b202e11.jpg",
        "avatar_large": "https://infotube-api-staging.s3.amazonaws.com:443/CACHE/images/users/avatars/f3ef3adac18abf5a241f97208f5679da2da63415/5d8a88760bcc4dcf265e4b2e8efe8311.jpg"
    }
}

Making Requests¶

When making requests to the API, a HTTP authorization header must be sent with each request. This authorization header must contain the API token for the user you wish to authenticate with:

Header Name: Authorization
Body: Bearer eyJ0eXAiOiJKV1QiLCJdfdGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo4MjksInVzZXJuYW1lIjoic3RhZ2luZ19zdXBwb3J0ZXIiLCJleHAiOjE2OTE0NDMzODYsImVtYWlsIjoic3RhZ2luZy1zdXBwb3J0ZXJAc3VwLmNvbSIsIm9yaWdfaWF0IjoxNjc1ODkxMzg2fQ.hW1HGaUa9GeFxuxXGouMzBApEaAl4rCjtkrD24lpS4s

Note

To be clear, the body of the header should contain the word ‘Bearer’, then a space, then the token itself:

Bearer eyJ0eXAiOiJKV1QiLCJdfdGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo4MjksInVzZXJuYW1lIjoic3RhZ2luZ19zdXBwb3J0ZXIiLCJleHAiOjE2OTE0NDMzODYsImVtYWlsIjoic3RhZ2luZy1zdXBwb3J0ZXJAc3VwLmNvbSIsIm9yaWdfaWF0IjoxNjc1ODkxMzg2fQ.hW1HGaUa9GeFxuxXGouMzBApEaAl4rCjtkrD24lpS4s