Faveo API version 3 uses OAuth token to grant access to the API endpoints which require user authentication. If you call an API that requires authentication without passing the OAuth token it will return the below response with HTTP status code 422.

{
    "result": {
        "fails": "Unauthorized! Please login again"
    }
}

Note: Faveo API v3 does not allow to send the token as a request body or parameter instead you should include the token as Bearer Token for Authorization in your request headers.

The OAuth token can simply be generated by calling the login API(v3) which returns the OAuth token in its response on successful login. This token should be sent as a Bearer token in the request authorization headers.

To send a bearer token for authorization against a protected resource send only one Authorization header in the following format:

Authorization: Bearer your_token_here

Examples:

PHP Curl Request

$curl = curl_init();
 
curl_setopt_array($curl, array(
  CURLOPT_URL => "https://{your-faveo-url}/v3/api/api-end-point",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "GET",
  CURLOPT_HTTPHEADER => array(
    "authorization: Bearer eyJ0eXAiOiJKC12iLCJhbGciOiJSUzI1NiIsImp0aSI6IjEyZDBhMDdmMzBiMTExZmY5ZThhZGFhMzEwYzNmOGRjZTFiZGQxOWIzN2U2MTQ0Zjc1MDUzOWM1MTZjNTU0ZWQxZTFiYzNhODRjMDQwNTg2In0.eyJhdWQiOiI3IiwianRpIjoiMTJkMGEwN2YzMGIxMTFmZjllOGFkYWEzMTBjM2Y4ZGNlMWJkZDE5YjM3ZTYxNDRmNzUwNTM5YzUxNmM1NTRlZDFlMWJjM2E4NGMwNDA1ODYiLCJpYXQiOjE1ODM0MjQ4MTQsIm5iZiI6MTU4MzQyNDgxNCwiZXhwIjoxNjE0OTYwODE0LCJzdWIiOiIyNzY4Iiwic2NvcGVzIjpbXX0.pHQ4lUC8ZDQ0lHEOkkdfOn70oL8djvbe1sUGL7nt-CUgBkSUbWKqkrf-1JZTp44glm3Yp-Sv4gOVRbQUFzKxQxn_7NG2-5PSQRDrtOi552q2bsWsVZaceJCnzdPAbCWuYrNbnX1qO00sYNhoO3gM8ZaC2BdYXl4jAYF2S-ldsj_lPX7RzUjNnQYug1RuOeRrcWXblkCmR6KOjFxgRBchrzcTEPmrbUQTCxLOw2SdzGUdYHq2jsqtLn7rI9NOOFOi9590MXjOTBFRlRtb0SUcsix6MvayvaX_LMtsNzgH6DpifDMfs_5ExTJVnrTgVsTPXxlBuMWFrK0lyarGjIS8Qcpirt3UHtus2_ep5ED9dii-gCyT5VabsK5XYp9Ii5XtwLkApT6Hu9B27odJpCoh7Qz4PQEUltom-W_eHmqHubr_ufwHVpSYEPsrKjKpDLcY7bGznMu8URRdEfFj8PZJWUfRarefwgNwO8piVAHqzY6yBRNHWLgAvduFI4eO6iKNX1FkLeI-maxiO9gXa4fqQD4bOkJdQb3ngxRVp02SzHeLvXYY8ThPuDSvRYykxoeCsMoAkL-nM33m5xf_mxdBfD_ITh4RPHOPHftAVDPtWshPidovbB14dpFQ0e8xER06RCclcL22cQvyZKcrCtG_eW7kD3I28--O6Bm6Eb0qweR",
    "cache-control: no-cache"
  ),
));
 
$response = curl_exec($curl);
$err = curl_error($curl);
 
curl_close($curl);
 
if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

jQuery AJAX 

var access_token = 'eyJ0eXAiOiJKC12iLCJhbGciOiJSUzI1NiIsImp0aSI6IjEyZDBhMDdmMzBiMTExZmY5ZThhZGFhMzEwYzNmOGRjZTFiZGQxOWIzN2U2MTQ0Zjc1MDUzOWM1MTZjNTU0ZWQxZTFiYzNhODRjMDQwNTg2In0.eyJhdWQiOiI3IiwianRpIjoiMTJkMGEwN2YzMGIxMTFmZjllOGFkYWEzMTBjM2Y4ZGNlMWJkZDE5YjM3ZTYxNDRmNzUwNTM5YzUxNmM1NTRlZDFlMWJjM2E4NGMwNDA1ODYiLCJpYXQiOjE1ODM0MjQ4MTQsIm5iZiI6MTU4MzQyNDgxNCwiZXhwIjoxNjE0OTYwODE0LCJzdWIiOiIyNzY4Iiwic2NvcGVzIjpbXX0.pHQ4lUC8ZDQ0lHEOkkdfOn70oL8djvbe1sUGL7nt-CUgBkSUbWKqkrf-1JZTp44glm3Yp-Sv4gOVRbQUFzKxQxn_7NG2-5PSQRDrtOi552q2bsWsVZaceJCnzdPAbCWuYrNbnX1qO00sYNhoO3gM8ZaC2BdYXl4jAYF2S-ldsj_lPX7RzUjNnQYug1RuOeRrcWXblkCmR6KOjFxgRBchrzcTEPmrbUQTCxLOw2SdzGUdYHq2jsqtLn7rI9NOOFOi9590MXjOTBFRlRtb0SUcsix6MvayvaX_LMtsNzgH6DpifDMfs_5ExTJVnrTgVsTPXxlBuMWFrK0lyarGjIS8Qcpirt3UHtus2_ep5ED9dii-gCyT5VabsK5XYp9Ii5XtwLkApT6Hu9B27odJpCoh7Qz4PQEUltom-W_eHmqHubr_ufwHVpSYEPsrKjKpDLcY7bGznMu8URRdEfFj8PZJWUfRarefwgNwO8piVAHqzY6yBRNHWLgAvduFI4eO6iKNX1FkLeI-maxiO9gXa4fqQD4bOkJdQb3ngxRVp02SzHeLvXYY8ThPuDSvRYykxoeCsMoAkL-nM33m5xf_mxdBfD_ITh4RPHOPHftAVDPtWshPidovbB14dpFQ0e8xER06RCclcL22cQvyZKcrCtG_eW7kD3I28--O6Bm6Eb0qweR';
jQuery.ajax( {
    url: 'https://{your-faveo-url}/v3/api/api-end-point',
    type: 'POST',
    data: { content: 'testing testing' },
    beforeSend : function( xhr ) {
        xhr.setRequestHeader( 'Authorization', 'BEARER ' + access_token );
    },
    success: function( response ) {
        // response
    }
} );

Postman Example

  • Using Headers tab
bearer-token-postman-examplet
Shows how to pass bearer token in postman as Authorization header using Headers tab

 

  • Using the Authorization tab
bearer-token-postman-examplet
Shows how to pass bearer token in postman as Authorization header using Authorization tab