Every API request needs to be sent in with an authentication token. The token can be appended to the GET, POST, or even a POSTed JSON, but it must be there.
If you’re a previous user of the API, please read, this has changed! You can now manage your own authentication tokens from your SourceAudio site. Using an admin account, head to:
Admin > Edit Site Settings > API
There you can see the currently active tokens, change their permissions, and add new ones.
With a fully permissioned token, you could erase every track on your site, so please be careful with your tokens.
- If an employee that had access to your token leaves, make a new token.
- Generate a new token for every vendor you work with, in case you stop working with them in the future and want to remove the token.
- Be wary of posting authenticated requests to Slack or email chains, that could be forwarded easily without realizing who has access.
- If in doubt, replace your token. It only takes a second.