Authentication

Overview
Authentication is implemented as HTTP Basic Authentication over SSL (HTTPS) or by using your API key (under Settings > Profile).

HTTP Basic
To authenticate using CURL, you could use the following command (this example request fetches user profile information):

curl -u '<username>:<password>' -X GET 'https://<region>-app.sinefa.com/api/v1/user.json'

If the username or password are incorrect, a HTTP error code 403 will be returned.

Alternatively, you could use this syntax:

curl -X GET 'https://<username>:<password>@<region>-app.sinefa.com/api/v1/user.json'

Note: Sinefa usernames are email addresses by default, if you are using the alternative method, the email address and password will need to be URL encoded. 

API Key
The API key is passed using the HTTP header 'x-api-key'. To authenticate using CURL, you could use the following command (this example request fetches user profile information):

curl -H 'x-api-key: <api key>' -X GET 'https://<region>-app.sinefa.com/api/v1/user.json'

If the API key is incorrect, a HTTP error code 403 will be returned.

Alternatively, the API key can be passed as a query string parameter, so you could use this syntax:

curl -X GET 'https://<region>-app.sinefa.com/api/v1/user.json?apiKey=<api key>'

Best Practice
It is strongly encouraged that you create a separate, dedicated user account for each 3rd party application that will access our API. It is not recommended to use real user accounts for API access.

See Also
API Overview
How to get date specific reports through API query