Authentication

Prefinery supports token-based authentication using a secret API key to authenticate requests.

Obtaining an API Key

Log in to your Prefinery account and click the Settings → Company Settings menu in the upper right corner and choose API Keys. Follow the instructions to create your unique API key.

Remember that anyone who has your API key has complete access to your account, so you'll want to guard this key just as you would your username and password. If you fear that your key has been compromised, you can easily expire a key and generate a new one from within your account.

Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Method 1: HTTP Basic Authentication

Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value. You do not need to provide a password.

  
curl -u y0urAPIk3y: https://api.prefinery.com/api/v2/betas/1/testers/1.json
  

Note: The colon prevents curl from asking for a password.

Method 2: Bearer Token Authentication

Bearer authentication gives access to the "bearer of the token." If you need to authenticate via bearer auth (e.g., for a cross-origin request), send your API key in the Authorization header, like so:

  
curl -H 'Authorization: Bearer y0urAPIk3y' https://api.prefinery.com/api/v2/betas/1/testers/1.json
  

Method 3: URL Parameter

Passing your API key as a URL parameter is the least secure method of authentication. While we do not recommend this method, you can append the api_key parameter to your requests, like so:

  
curl https://api.prefinery.com/api/v2/betas/1/testers/1.json?api_key=y0urAPIk3y