The ShootProof API uses bearer token authentication to authenticate each request. After authorizing and obtaining an access token, you may use the access token as a bearer token to gain access to protected resources.
To authenticate with a bearer token, use the Bearer authentication scheme with the Authorization request header field to transmit the access token.
For example:
GET /studio HTTP/1.1
Authorization: Bearer f75dfe33f56c3793795dca279471f08bd96f2a86
Host: api.shootproof.com
If you attempt to make a request without a bearer token for a protected resource, you will receive a 401 Unauthorized response, with an appropriate error message
HTTP/1.1 401 Unauthorized
Content-Length: 216
Content-Type: application/problem+json
Date: Wed, 08 Nov 2017 03:21:45 GMT
Www-Authenticate: Bearer realm="ShootProof Studio Panel API"
{
"detail": "No authorization credentials provided. You must provide an authorization token for this request.",
"status": 401,
"title": "Unauthorized",
"type": "https://developer.shootproof.com/errors#error-unauthorized"
}
If you attempt to make a request with a bearer token for a protected resource to which you do not have access, you will receive a 403 Forbidden response or, in many cases, a 404 Not Found response, with an appropriate error message.
HTTP/1.1 403 Forbidden
Content-Length: 170
Content-Type: application/problem+json
Date: Wed, 08 Nov 2017 03:30:18 GMT
{
"detail": "You do not have permission to access the requested brand",
"status": 403,
"title": "Forbidden",
"type": "https://developer.shootproof.com/errors#error-forbidden"
}