Auth

To interact with any Sensible APIs, your app must be able to authorize using our auth API

Bearer Token

A bearer token Auth header is required in requests to our REST APIs. The token contains not only authentication data for your app, but a set of permissions. To receive a token, send a request using your API keys to our Auth API as outlined in the below reference:

Schema and API Reference

The token's expiration in seconds can be found in the response from the auth endpoint as expires_in. By default it is 24 hours. Since creating a new token is expensive, we recommend storing the token in a cache, such as Memcached, after retrieving it to reduce the number of requests. You can set the expiration time in the cache to be slightly less than the actual token expiration as a buffer.

When a token is expired, a 401: Unauthorized error will be returned. A new token should be retrieved in this scenario to complete the API request.