Most of the Resources in the REST API are protected by security privileges granted to a
specific user. Each HTTP request to a protected Resource in the REST API must be
accompanied by one of the two supported Authentication methods.
PUSHTech™ Authentication passes the Account ID from PUSHTech™ and the Account Secret or Account Master Secret to the REST API in an Authorization.
Authorization HTTP header with each request
In the Authorization HTTP header, the account secret or the account master secret are introduced after the String 'Token token='.
The account secret dGVzdEBleGFtcGxlLmNvbTpsZXRtZWlu, will result in the Authorization header: 'Token token=dGVzdEBleGFtcGxlLmNvbTpsZXRtZWlu'
A sample HTTP header would look like the following:
Account requests require a secret token from the related account. All such requests require the HTTP header:
'Authentication: Token: token' along with the account token.
App requests require a secret token from the related application. Each app will have its own authentication token. All app requests require the HTTP header: 'Authentication: Token: token'.
This website stores cookies on your computer. These cookies are used to improve our website and provide a more personal experience both here and on our connecting media pages. To find out more about the cookies we use, see our