Authentication

Some API endpoint require authentication to work. This section explains how to make authenticated HTTP Requests to Fider.

The first step is to generate an API Key on your user profile. Sign in on Fider and navigate to Settings -> API Key and click on Regenerate API Key. An API Key will be shown. Take note of it as you won't be able to retrieve this key again. If your Key is lost or has been compromised, you can always repeat this process to generate a new Key.

API Key is only available for users with Collaborator or Administrator role. Visitors are not allowed to use any authenticated API endpoint.

With the API Key on hands, it's now possible to send authenticated requests the API using the Authorization HTTP Header as shown below.

Authorization: Bearer {api-key}

Impersonation

Every action performed via the API is executed under the User that generated the API Key. Fider also allow Administrators to impersonate another User and execute the operations under their behalf. To do so, add the following HTTP Header to the request.

Authorization: Bearer {api-key}
X-Fider-UserID: {target-user-id}

Roles

Fider has 3 user roles: Visitor, Collaborator and Administrator. These roles are used to restrict which actions each user can perform on the platform, be it via UI or via the API. Most operations can only be executed if the authenticated user has a specific role assigned. Every operation listed below will specify which role is required.