Authentication with the API is done using authorization tokens. Management of authorization tokens is performed using the following endpoints. Authentication is performed by setting the authorization token in a header.
For sites with public registration enabled, register and login requests must also provide an
app id that uniquely identifies the application performing the requests. To acquire an
app id, please email firstname.lastname@example.org and include information regarding what your application will do with the data.
Examples of authenticating via the API can be found in our GitHub repository. Additionally, here is an example using curl:
curl -H "Authorization: api AUTHTOKEN" \ -H "X-App-Id: FEDCBA0987654321"
Create an authorization token for an existing user account using the provided credentials.
Request a password reset for a given email. Given that the specified email address has an account, send a password reset link to the email address
Register a new user account. You must be logged in as an Admin to create new user accounts on sites with public registration disabled.
Log out the current user by deleting the authorization token.
Create an authorization token for the specified userid without specifying a password. Note: endpoint only accessible to authenticated admins.