Most API requests must be properly authenticated in order to be accepted and processed by the platform. Bearer tokens are used as a proof of identity and must be passed through the Authorization header in your HTTP requests.

Authorization: Bearer {token}

Bearer tokens come in two flavours, each better suited for certain use cases.

Short-lived tokens

Expire after some time, which currently is 24 hours. They are best suited for authenticating humans.

Long-lived tokens

Do not expire, but can be revoked. They are best suited for service-to-service communication.

​
Obtaining tokens

Different methods must be used to obtain the different kinds of tokens.

Custom field formatsOverview