All requests to the Uberflip API require authentication, and must be performed over HTTPS. Requests made over HTTP, or made without authentication, will fail.
The Uberflip API uses bearer authentication. To authenticate a request, include the Authorization
header with the type Bearer
and an access token:
Authorization: Bearer <token>
.
You can obtain an access token by making a request to the Authorize
endpoint, using your API credentials (API Key and API Secret) to authenticate the request.
API Credentials
Your API credentials consist of a paired API Key and API Secret. You can generate, view and delete API credentials for your Uberflip account on the Account Settings page in Uberflip.
Your API credentials provide access to your Uberflip account, so be sure to keep them secure. You should share them only with trusted parties, and never expose them publicly (such as in client-side code or in public repositories like GitHub).
We also strongly recommend changing your API credentials from time to time. Regularly rotating your API credentials helps to safeguard against unauthorized access to your Uberflip account if your credentials are compromised. You can easily rotate API credentials at any time by deleting your existing API Key and Secret, then generating new ones and updating code as necessary.