- Getting started
- About this guide
- Available resources
- Authentication methods
- API endpoint URL structure
- Enumeration List
- Authentication
- Scopes and permissions
- Platform Management APIs
Authentication methods
Our API supports various authentication methods, each tailored to different scenarios and use cases. Here's an overview of the authentication methods available:
-
OAuth 2.0 for External Apps: OAuth 2.0 is designed for third-party applications seeking access to our platform on behalf of users. It facilitates secure authorization without exposing user credentials. External apps can register with us, obtaining client credentials that identify them. This method is recommended for larger integrations and applications accessing multiple users' data.
-
API Keys (not recommended): API keys offer a simple way to authenticate requests by attaching a key to each API call. While not as robust as some other methods, API keys are useful for resources or scenarios where fine-grained control isn't necessary, since they iffer limited access control, granting access to all endpoints associated with the key.
-
ROPC (not recommended): Resource Owner Password Credentials (ROPC) is an authentication method that allows users to provide their username and password directly to the authorization server to obtain an access token. It is less secure and not recommended compared to token-based methods like OAuth or personal access tokens.
