API and Webhooks

Authenticating APIv2 calls with Personal Access Tokens

The APIv2 supports two means of authentication, and both require an access token.

HTTP header

To authenticate with the HTTP header, pass the access token in the Authorization field with the bearer scheme.

Authorization: Bearer <your_jwt_token>

✔️ TIP: This is the preferred way of authenticating against the API because headers are not usually logged on servers. If you're making server-to-server calls, it's worth looking up how to add custom headers in your API client.

Query string parameter

If you can’t add a custom header or you want to avoid pre-flight requests, you can pass the access token in the query string using the access_token parameter.

Generate an access token

Currently, you can obtain a personal access token from your user profile. These access tokens are meant for server-to-server integrations, and should not be exposed to HTML pages.

To obtain a personal access token:

1. Click the MeBox, followed by your profile picture.

2. On the resulting page, select Edit Profile from the dropdown.

3. Click Access Tokens in the right-hand sidebar.

4. Click Generate New Token.

5. Give the token a name that will help you remember its use.

6. Click Generate to generate the token and copy the value into your app.

Note

This requires the Garden > Tokens > Add permission in Roles and Permissions for the relevant Role.
API calls using a token will reflect the permissions of the user who generated the token.

Read this next!

Mute Posts
As a member of an online community, you'll likely Follow and engage with numerous posts from other users, not to mention create your own posts that others engage with. Over time, you may come across threads that produce a high volume of engagement that you're not interested in, and this engagement can result in a similar…
Vanilla Co-Deploy
Co-Deploy: Empowering Customization for Your Community Forum At Higher Logic Vanilla (HLV), we understand that each organization has unique needs when it comes to community engagement. While many platforms offer basic theming and branding tools, Co-Deploy goes a step further, allowing Enterprise+ customers to fully…
Higher Logic – AI Terms of Use
Additional Terms for Use of AI Features By activating and/or using AI Features within the Software Services, the following terms (“AI Terms”) are hereby added to and become part of the Agreement between Higher Logic, LLC and your organization. Capitalized terms not defined in these AI Terms have the meanings given in the…
Create a Custom Layout Title Bar
In Higher Logic Vanilla (Vanilla), there are two types of Title Bars: Each Style Guide theme includes a Title Bar. Because a theme is applied community-wide, this functions as a default Title Bar that displays on every page. Communities that leverage Vanilla's custom page layouts can optionally create a custom Title…