Authentication
Authentication with the API is done using authorization tokens. Management of authorization tokens is performed using the following endpoints. Authentication is performed by setting the authorization token in a header.
For sites with public registration enabled, register and login requests must also provide an app id that uniquely identifies the application performing the requests. Contact the site administrator to request an app id.
Examples of authenticating via the API can be found in our GitHub repository. Additionally, here is an example using curl:
curl -H "Authorization: api AUTHTOKEN" \
-H "X-App-Id: FEDCBA0987654321"POST /user/token
Create an authorization token for an existing user account using the provided credentials.
POST /users/reset_password
Request a password reset for a given email. Given that the specified email address has an account, send a password reset link to the email address
POST /users
Register a new user account. You must be logged in as an Admin to create new user accounts on sites with public registration disabled.
DELETE /user/token
Log out the current user by deleting the authorization token.
POST /user/token/impersonate
Create an authorization token for the specified userid without specifying a password. Note: endpoint only accessible to authenticated admins.