Authentication
- API for VC funds tracker
- Authentication
- Basics
- Data
- Fund
The Parsers.me API uses JSON Web Token (JWT) to authenticate requests. Each call to a API method must include a valid token that is obtained by authenticating with Parsers.me.
To get it you need to send your username and password over basic http authentication and receive a bearer token in response.
Get Bearer Token
You authenticate yourself using basic authentication (username, password) when you get bearer token. The Authorization is set in the HTTP header. The type is Basic and the credentials are a base64-encoded string consisting of the username and password joined with a colon (i.e., username:password).
To get bearer token with api key, provide key as the basic auth username value. You do not need to provide a password. Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
POST https://eapi.parsers.me/v2/auth/token
Request Headers
Authorization: Basic base64({username}:{password})
Success responce:
Status 200 OK
{
"token": "eyJhbGciOiJSUzI1Ni...m9lG-JA"
}
Parameters
| Field | Required | Default Value/Description |
|---|---|---|
| token | Yes | Authentication token to be used for all other API calls. The token must be sent in the authorization header in the format: Authorization: Bearer <authentication-token> |
Error
| Status | Description |
|---|---|
| 400 BadRequest | Username and/or password is not specified |
| 401 Unauthorized | Username and/or password that was sent with the login request is invalid |
Authorizing API calls
For your initial call, use your username and password for basic authentication. For all other secure interactions, you must use the bearer token that is returned after a successful authentication.
Usage
The tokens are sent in the authorization header of the HTTP request for many of API calls. In particular, notice in the following example that the type of authorization that is used with this token is Bearer.
HTTP-METHOD /secured-path
Request Headers
Authorization: Bearer {your-auth-token}
For all secured paths, we validate the token. During validation, if a token is found to be expired, that token is removed from the system. Upon successful validation, the request is allowed to proceed. Requests made with an invalid token receive a 401 Unauthorized error code.