{"_id":"5845a4a89f6fbb1b004307c6","parentDoc":null,"user":"55a04a395730f40d001104d2","__v":1,"category":{"_id":"5845a4a89f6fbb1b004307ba","__v":0,"version":"5845a4a89f6fbb1b004307b7","project":"54d3007669578e0d002730c9","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-07-30T06:53:33.020Z","from_sync":false,"order":2,"slug":"api-reference","title":"API reference"},"project":"54d3007669578e0d002730c9","version":{"_id":"5845a4a89f6fbb1b004307b7","project":"54d3007669578e0d002730c9","__v":2,"createdAt":"2016-12-05T17:32:24.708Z","releaseDate":"2016-12-05T17:32:24.708Z","categories":["5845a4a89f6fbb1b004307b8","5845a4a89f6fbb1b004307b9","5845a4a89f6fbb1b004307ba","5845a4a89f6fbb1b004307bb","5845a4a89f6fbb1b004307bc","5845a4a89f6fbb1b004307bd","5845a4a89f6fbb1b004307be","5845a4a89f6fbb1b004307bf","5845a4a89f6fbb1b004307c0","592deb23644f060f008e5aa6"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"25.0.0","version":"25"},"updates":["57b60533d3092517007cfb9b","585ee587f5e1053700c93f28"],"next":{"pages":[],"description":""},"createdAt":"2015-07-30T06:55:57.824Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":1,"body":"Each API request requires authentication to identify the agent that is responsible for making the request. Authentication is provided through an access token.\n\nThere are two access tokens for each agent. The **developer access token** is used for managing entities and intents, and the **client access token** is used for making queries. The client access token may not be as secure because it may be stored as part of the app, and it may potentially be discovered. There is a way to regenerate the client key if it is compromised.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Obtaining Access Tokens\"\n}\n[/block]\nTo obtain the access token, choose the required agent from the **Agents** dropdown and click the **Settings** icon <i class=\"fa fa-cog\"></i> next to it.\n\nThe agent's settings will be opened. In the **API keys** section you'll find two access tokens that you will use for authentication.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/R0WWGe8yRoOvxQb8dBkx_authentication_tokens.png\",\n        \"authentication_tokens.png\",\n        \"2182\",\n        \"1256\",\n        \"#237d4c\",\n        \"\"\n      ],\n      \"sizing\": \"full\"\n    }\n  ]\n}\n[/block]\n\n[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"\",\n  \"body\": \"If you haven't any agents yet, follow [Get Started Guide](doc:get-started#step-1-create-agent) to create your own agent.\"\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Using Access Tokens\"\n}\n[/block]\nFor each API request, include this HTTP header:\n\n`Authorization` with the value `Bearer {access_token}`. \nFor example:\n    \n    \tAuthorization: Bearer YOUR_ACCESS_TOKEN\n[block:callout]\n{\n  \"type\": \"warning\",\n  \"body\": \"Use the developer access token for managing entities and intents and the client access token for making queries.\",\n  \"title\": \"\"\n}\n[/block]","excerpt":"","slug":"authentication","type":"basic","title":"Authentication"}
Each API request requires authentication to identify the agent that is responsible for making the request. Authentication is provided through an access token. There are two access tokens for each agent. The **developer access token** is used for managing entities and intents, and the **client access token** is used for making queries. The client access token may not be as secure because it may be stored as part of the app, and it may potentially be discovered. There is a way to regenerate the client key if it is compromised. [block:api-header] { "type": "basic", "title": "Obtaining Access Tokens" } [/block] To obtain the access token, choose the required agent from the **Agents** dropdown and click the **Settings** icon <i class="fa fa-cog"></i> next to it. The agent's settings will be opened. In the **API keys** section you'll find two access tokens that you will use for authentication. [block:image] { "images": [ { "image": [ "https://files.readme.io/R0WWGe8yRoOvxQb8dBkx_authentication_tokens.png", "authentication_tokens.png", "2182", "1256", "#237d4c", "" ], "sizing": "full" } ] } [/block] [block:callout] { "type": "info", "title": "", "body": "If you haven't any agents yet, follow [Get Started Guide](doc:get-started#step-1-create-agent) to create your own agent." } [/block] [block:api-header] { "type": "basic", "title": "Using Access Tokens" } [/block] For each API request, include this HTTP header: `Authorization` with the value `Bearer {access_token}`. For example: Authorization: Bearer YOUR_ACCESS_TOKEN [block:callout] { "type": "warning", "body": "Use the developer access token for managing entities and intents and the client access token for making queries.", "title": "" } [/block]