Contents

Authentication

The ShootProof API uses bearer token authentication to authenticate each request. After authorizing and obtaining an access token, you may use the access token as a bearer token to gain access to protected resources.

Using Bearer Tokens

To authenticate with a bearer token, use the Bearer authentication scheme with the Authorization request header field to transmit the access token.

For example:

GET /studio HTTP/1.1
Authorization: Bearer f75dfe33f56c3793795dca279471f08bd96f2a86
Host: api.shootproof.com

Authentication Errors

Unauthorized

If you attempt to make a request without a bearer token for a protected resource, you will receive a 401 Unauthorized response, with an appropriate error message

HTTP/1.1 401 Unauthorized
Content-Length: 216
Content-Type: application/problem+json
Date: Wed, 08 Nov 2017 03:21:45 GMT
Www-Authenticate: Bearer realm="ShootProof Studio Panel API"

{
  "detail": "No authorization credentials provided. You must provide an authorization token for this request.",
  "status": 401,
  "title": "Unauthorized",
  "type": "https://developer.shootproof.com/errors#error-unauthorized"
}

Forbidden

If you attempt to make a request with a bearer token for a protected resource to which you do not have access, you will receive a 403 Forbidden response or, in many cases, a 404 Not Found response, with an appropriate error message.

HTTP/1.1 403 Forbidden
Content-Length: 170
Content-Type: application/problem+json
Date: Wed, 08 Nov 2017 03:30:18 GMT

{
  "detail": "You do not have permission to access the requested brand",
  "status": 403,
  "title": "Forbidden",
  "type": "https://developer.shootproof.com/errors#error-forbidden"
}