Authentication (Online)

Authentication

All API requests must be made over HTTPS (calls made with plain HTTP will fail) with valid user authentication provided. Authenticating with the SoapBox API is achieved using one of two methods: Via the Authentication end-point, or by placing the API key directly in the request header.

Method 1: API Key Authentication

In production environments, it is advisable to first authenticate with the API Key Authentication endpoint which will return a JSON Web Token (JWT) that can be used to authenticate with all subsequent end-point requests:

CURL Request Example

curl -X GET \
    -H "x-app-key:$APP_KEY" \
    https://api.soapboxlabs.com/v1/authentication/appkey

Authentication Response Example

{
  "token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGWE8zaldxcm9TaG5UQVo5Tzc2U0NPc0NXSDdZeW1oRFp6RFpVcXVPVmtiNlBlU2xCNGJqYlFCeTNIN084UjZtIiwiaXNzIjoiU29hcEJveExhYnMiLCJleHAiOjE1NzIwMTMxMTh9.6paKunix3DZYwKVDzW8XrXNu-R1gN3qId8JZJ5eQBE8"
}

This token should be attached to all subsequent requests to the Speech API (i.e. Verification requests) in the HTTP request header using the Authorization field using the syntax: Authorization: Bearer jwtTokenHere

CURL Example

curl -X POST \
    -H "Authorization: Bearer $AUTH_TOKEN" \
    -F "file=@$AUDIO_FILE" \
    -F "category=right" \
    -F "user_token=$USER_TOKEN" \
    https://api.soapboxlabs.com/v1/speech/verification

Method 2: Request Header

API App Keys can be generated to provide access to some of the platforms features such as the Verification endpoint. Authentication with the API can be achieved by including your API key directly in the header of the request to the relevant end-point by using the x-app-key field:

CURL Verification Example

curl -X POST \
    -H "x-app-key:$APP_KEY" \
    -F "file=@$AUDIO_FILE" \
    -F "category=right" \
    -F "user_token=$USER_TOKEN" \
    https://api.soapboxlabs.com/v1/speech/verification