Authentication

Use an API key sent as authorization header.

authentication

You can use your regular account to use the api or a long lived api token. Authentication can de done via the /auth/login endpoint.

curl -X POST https://partner-api.zolder.io/auth/login -H 'Content-Type: application/json' -d '{"email":"USERNAME","password":"PASSWORD","token":"TOTPTOKEN"}'

creating a long lived api token

We suggest creating a dedicated account to create a long-lived api token. Management of the API tokens can be done via the /auth/sessions endpoint. You can use the browser to perform authentication (username/password and mfa token) then copy the bearer token to create the long-lived session token.

curl -X POST https://partner-api.zolder.io/auth/sessions -H 'Authorization: Bearer token' -H 'Content-Type: application/json' -d '{"password": "api-token-account-password", "description": "Our-Long-Lived-Token"}'

A token is returned that can be used for 1 year. Want to see if your new token was created use the token to retrieve the current sessions by sending a GET request to: /auth/sessions using your newly created long-lived token.

Be sure to store the long-lived session token in a secure place. If it leaks use /auth/sessions/{uuid} endpoint to delete the token. And please contact us.