API Authentication Bearer Token


When integrating with an API (application programming interface) call, you must set up authentication. One form of authentication is Bearer Tokens. This authentication requires the person making the API call to enter a unique token. With the correct token, or access code, the API call responds to the request successfully.

Bearer tokens take the form of cryptic strings generated by the integrated service. When you submit a request using a Bearer Token, you don’t have to request on behalf of an individual. Instead, you request on behalf of an application.

Common APIs that need bearer tokens are SendGrid, Postman, and Twitter.

What You'll Learn

In this article, you'll learn how to:

Setting Up Bearer Token Authentication

Before using a bearer token in your API calls, you must select the right authentication. You can do that when you set up a new service.

To add a new service with bearer token authentication: 

1. Click the Administration tab at the top right of the screen.
2. Under Integration, click Services Administration.
3. Select Bearer Token from the Type of authentication drop-down menu.
4. Enter the bearer token in the Bearer Token field. You'll get your bearer token from the service you want to integrate with.

After you enter the bearer token, you don't need to add the Bearer information. Unqork adds this information automatically when choosing this authentication type.

Now, any time Unqork makes a call to that API, it sends the token in the Authorization header. Here's what the header looks like: Authorization: Bearer <your token here>.

Testing Bearer Token Authentication

Before finalizing your bearer token authentication, you'll want to test it. To do that, you'll test your new service integration. You can test your new integration by making an API call in any module. You can also test your integration using an external tool such as Postman. If your API call is successful, your authentication is set up correctly. But, if you receive a 400 error, read the error message. Based on the error returned, take the necessary actions to fix your authentication for your integration.