Learn about HTTP basic authentication to the Care APIs
Most Care and Care Analytics API endpoints use HTTP Basic Authentication via an Authorization header.
Requests to the Bot v3 API use JWT authentication. All other Care and Care Analytics endpoints authenticate using basic authentication.
We provide several levels of API access. All require enablement by Support .
We recommend creating these distinct API user accounts types:
- A Base API user account - (Optional) A user account that has standard API access to all SMM APIs except the Analytics Reports, Bot, and GDPR APIs. If you are unsure whether your company has a user account with necessary access permissions, contact Khoros Support.
If you do not need multiple user accounts with base API access, simply create an Analytics Reports API user account. Analytics Reports API access also provides access to all base SMM API endpoints (Author, Conversation, Conversation Tag Rules, Listening, Smart Views, Tag, and Work Queues). Then, create separate GDPR and Bot API user accounts.
- An Analytics Reports API user account - A user account that has access to the Analytic Reports API and the base SMM APIs, but not the Bot or GDPR APIs.
- A GDPR API user account - A user account that has access to the GDPR API only. The GDPR endpoints permanently delete user details including author profiles and created content. We recommend using a distinct user account to call these endpoints to limit the users able to make such calls.
- A Bot API user account - A user account that has access to the Bot API only. This user account is limited to the specific set of APIs used by bots. We make this separation so that third-party bot developers cannot call other SMM APIs that provide access to SMM data.
These API user accounts should be separate from any other agent, supervisor, or other user accounts in order to avoid giving API access to a wide variety of users.
The following table lists the APIs supported by our recommend API user accounts and the information required to enable them.
|User Account Type||Supported APIs||Support Ticket Details|
|Base API User (optional)||AuthorConversationConversation Tag RulesListeningSmart ViewsTagWork Queue||In your Support ticket include:- Name of the user account- Request for "API Access"|
|Analytics API User||Analytics ReportsAuthorConversationConversationTag RulesListeningSmart ViewsTagWork Queue||In your Support ticket include:- Name of the user account- Request for "Analytics API Access"After Support has enabled access to this user account, you will see the Analytics API User Account details in Account Admin > General Settings > Analytics API Settings. You will need these details when calling to the Analytics Reports endpoints.|
|GDPR API User||GDPR||In your Support ticket include:- Name of the user account- Request for "api_restricted" role|
|Bot API User||Bot||In your Support ticket include:- Name of the user account- Request for "Bot API Access"|
Basic Authentication Example
In the example below, we are creating a simple API call using basic authentication. While the example below points to a specific API call using curl, the process is very much the same across supported APIs (except for Bot v3, which uses JWT) whether you're using curl or any other method to call the API.
curl -L -u [USERNAME]:[PASSWORD] 'https://RESPONSE_INSTANCE/api/v2/authors/networks/twitter/handles/TWITTER_HANDLE'
Updated 4 months ago