Authentication and authorization

Authentication

The following Sitecore CDP REST APIs use basic authentication:

Guest REST API
Guest data extension REST API
Order REST API
Order item REST API
Order contact REST API
Order consumer REST API
Order data extension REST API
Order item data extension REST API

Basic authentication involves sending a user name and a password with every request. To find your user name and password, in Sitecore CDP, on the navigation pane, click > API access:

The user name is the Client Key.
The password is the API Token.

Sending a user name and a password with a request:

curl -X GET '<baseURL>/v2.1/guests' \
-u '<username>:<password>' \
-H 'Accept: application/json'

Authorization

The Audience export REST API uses the OAuth 2.0 standard with JSON web tokens to authorize REST API requests.

To authorize a REST API request:

Create an API key.
Request an access token using the API key.
Include the access token in the request header of every REST API request.

If you have suggestions for improving this article, let us know!