This section describes the HTTP headers the API will accept from any request.
All requests must contain a content-type HTTP Header.
|JSON||application/json||text/json is currently not an accepted content type|
|Form data||multipart/form-data||Only used when uploading variations|
|400||The content type was understood but could not be decoded. More information will appear in the response body|
|415||The content type is missing or is not supported|
Note: In cases where the content-type header has a problem then the response content-type will be the default format for the API, currently application/json
Note: The API currently does not adhere to the Accept-type HTTP Header, all responses are sent in the same content-type as the received request provided the request’s content-type was valid
This header is optional and is used to provide authentication details to the API for the current user which will enable the current user to access restricted API resources. Tokens can be obtained via the Login API. An example header is:
Authorization: Bearer 45267dbe480c8c7d799c62ccad92cb44f67ab086
The Authorization header accepts a string that is built from two parts, seperated by a single space. The first part is the token type, the second is the access token itself.
|400||A malformed authorization header was provided|
|401||The authorization header is missing or the token was invalid or expired|
Choosing an authorization token type
On any failure the response headers will contain a WWW-Authenticate header which will indicate the token type that is required for access.