Authentication and authorization
Authentication
The following Sitecore CDP REST APIs use basic authentication:
-
Guest REST API
-
Guest data extension REST API
-
Order REST API
-
Order item REST API
-
Order contact REST API
-
Order consumer REST API
-
Order data extension REST API
-
Order item data extension REST API
-
Audience sync REST API (legacy)
Basic authentication involves sending a user name and a password with every request. To find your user name and password, in Sitecore CDP, on the navigation pane, click > API access:
-
The user name is the Client Key.
-
The password is the API Token.
Sending a user name and a password with a request:
curl -X GET '<baseURL>/v2.1/guests' \
-u '<username>:<password>' \
-H 'Accept: application/json'
Authorization
The Audience export REST API uses the OAuth 2.0 standard with JSON web tokens to authorize REST API requests.
To authorize a REST API request:
-
Request an access token using the API key.
-
Include the access token in the request header of every REST API request.