Authentication

Overview
Authentication is implemented as HTTP Basic Authentication over SSL (HTTPS) or by using your API key (under Settings > Profile).

HTTP Basic
To authenticate using CURL, you could use the following command (this example request fetches user profile information):

curl -u <username>:<password> -X GET https://app.sinefa.com/api/v1/user.json

If the username or password are incorrect, a HTTP error code 403 will be returned.

Alternatively, you could use this syntax:

curl -X GET https://<username>:<password>@app.sinefa.com/api/v1/user.json

Note: Sinefa usernames are email addresses by default, if you are using the alternative method, the email address and password will need to be URL encoded.

API Key
The API key is passed using the HTTP header 'x-api-key'. To authenticate using CURL, you could use the following command (this example request fetches user profile information):

curl -H 'x-api-key: <api key>' -X GET https://app.sinefa.com/api/v1/user.json

If the API key is incorrect, a HTTP error code 403 will be returned.

Alternatively, the API key can be passed as a query string parameter, so you could use this syntax:

curl -X GET https://app.sinefa.com/api/v1/user.json?apiKey=<api key>

Best Practice
It is strongly encouraged that you create a separate, dedicated user account for each 3rd party application that will access our API. It is not recommended to use real user accounts for API access.

See Also
API Overview
How to get date specific reports through API query