Basic HTTP authentication
HTTP Basic authentication works on all Sinch REST APIs. Basic auth is often the preferred option for testing because it is simple and easy to use.
Important!
Basic authentication is intended for test purposes only, and should only be used for experimenting with APIs and building prototypes. API calls using basic authentication are heavily rate limited, and these limits may change at any time without warning. Production systems should use OAuth access tokens instead.
Basic authentication is sent in the authorization header with each call.
No matter the programming language, there are three main components for successful basic authentication in a request:
-
The designation of authorization type, which is
basic
-
The
username
, which in Sinch's case isYOUR_Key_ID
, corresponding to your project -
The
password
, which isYOUR_Key_Secret
, again, corresponding to the project
You can view and manage your API credentials here.
Need help?
Check out this article for a walk-through on finding your key and secret.
Note:
When you're ready for production, be sure to check out our OAuth2.0 authentication process for greater security.
To use basic auth in an API call, do the following:
- First, create a new access key in the Customer Dashboard by clicking Create Access Key .
-
Copy your
project ID
,
key ID
, and
key secret
.
Important:
Keep your key secret somewhere safe as it is only viewable upon initial project creation. The project ID and key ID are always readily available in the Customer Dashboard. If you misplace your key secret, simply generate a new key!
-
Use your key ID as the username (sometimes called the
client_id
) and your key secret as the password (can be referred to as theclient_secret
) in every call made to a Sinch API.
Examples
This example will get available numbers in the US using the Numbers API. Replace all relevant parameters with your credential (including the curly braces {}
).
curl -i -X GET \
'https://numbers.api.sinch.com/v1/projects/{YOUR_projectId}/availableNumbers?regionCode=US&type=LOCAL' \
-H 'Content-Type: application/json' \
-u {YOUR_Key_ID}:{YOUR_Key_Secret}
That's it!