How to authorise and authenticate with Ahiko's APIs

App-specific Endpoints

Some endpoints don't make sense to be user-specific. We provide these resources at the app level, using your Subscription Key for authorisation.

These endpoints require using your Subscription Key as the identity identified by ahiko-app-id.

All endpoints requiring app-specific auth are explicitly labelled in the API reference

User-specific Endpoints

This is the type of authentication required for most of our endpoints. A good rule of thumb is to ask yourself "Is this request related to a specific user?".

When true, the following two headers are required:

Authorization: Bearer {{ User Access Token }}

ahiko-app-id: {{ App ID Token }}