All requests to the Graniitti API must be authenticated. The API uses token-based authentication over HTTPS. Requests that are not authenticated or that are sent over plain HTTP always fail.
To authenticate a request, add your personal access token to the request using the
Authorization header, and prefix the token with "Bearer" followed by a space, as shown in the following example.
curl -X GET \ --header 'Authorization: Bearer <access_token>' \ 'https://<graniitti_api_domain>/v0/users'
If you do not already have a token, get it from the Frosmo Control Panel. You can also recreate or revoke an existing token.
Do not make Graniitti API requests in client-side code that is accessible to parties you do not trust, as this will expose your token to them. Use the Graniitti API only in server-side code and in client-side code that is only accessible to parties you trust.
To get your personal access token:
In the Graniitti API section, click Create token.
Copy the token. It will not be shown on the page again.
You now have your personal access token for authenticating with the Graniitti API.
If you forget your personal access token, or if you need a new one for some other reason, you can recreate the token.
Recreating the token renders your previous token invalid. If you have applications that use the previous token, their Graniitti API requests will no longer work after you recreate the token.
To recreate your personal access token:
In the Graniitti API section, click Recreate token.
You have recreated your personal access token. Use the new token in place of the old one in all Graniitti API requests.
If you no longer need your personal access token, you can revoke it.
Revoking the token renders it invalid. If you have applications that use the token, their Graniitti API requests will no longer work after you revoke the token.
To revoke your personal access token:
In the Graniitti API section, click Revoke token.
You have revoked your personal access token and can no longer use it to authenticate Graniitti API requests.