API

Authorization

The API uses Bearer Token authentication (or token authentication). Every request must include an Authorization header with the value of the provided token.
The header should follow the following pattern:
Authorization: Bearer <token>

For safety reasons, the API does not provide any details when a request authorization fails, except the 401 Unauthorized HTTP response code. Consider this response code as a missing or invalid token issue.

Every token is manually created for custom requests, and can be invalidated the same way.
A token can be associated with a user, and multiple tokens (users) can be issued to your company if necessary. This can help in keeping track of user actions.

For more help, please contact your WYB contact, who can forward your questions and requests to IT.