Bearer authentication

The Writer API uses API keys for authentication - please reach out to your admin to generate an API key for your requests.

Do not share your API keys with others or expose it in any client-side code (browsers, apps). You should never, ever store these values in any publicly accessible location. We recommend storing them as environment variables or accessed from a key management service.

Authorization Type

Writer uses bearer authentication (also called token authentication), which is an HTTP authentication scheme that involves security tokens called bearer tokens. Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. The name “Bearer authentication” can be understood as “give access to the bearer of this token.” The bearer token is a cryptic string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources:

Authorization: Bearer <token>

The Bearer authentication scheme was originally created as part of OAuth 2.0 in RFC 6750, but is sometimes also used on its own. Similarly to Basic authentication, Bearer authentication should only be used over HTTPS (SSL).