Authentication

The Botsi API uses Bearer Authentication (also known as token authentication) to secure HTTP requests. You must include your secret key in the Authorization header of every request to identify your application and authorize the call.

The Authorization Header

Requests must include an Authorization header formatted as follows:

Authorization: Bearer YOUR_SECRET_KEY

Component	Description
Bearer	The authentication scheme identifier.
YOUR_SECRET_KEY	Your unique API secret key found in the Botsi Dashboard.

Implementation Example

The following example demonstrates how to authenticate a request to the Add Multiple Custom Attributes endpoint using cURL.

Request

curl -X POST "https://api.botsi.com/v1/web-api/profiles/custom-attributes-all" \
  -H "Authorization: Bearer YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "customerUserId": "user-123",
    "custom": [
      {
        "key": "user_level",
        "value": "premium"
      },
      {
        "key": "subscription_type",
        "value": "annual"
      },
      {
        "key": "referral_source",
        "value": "facebook"
      }
    ]
  }'

Key Requirements

Secure the Key: Your secret_key can be found on the App configuration page on the Botsi dashboard. Treat it like a password.
Content-Type: Ensure you set -H "Content-Type: application/json", as the Botsi API only accepts JSON payloads.
HTTPS: Always use https:// to ensure your secret key is encrypted during transit.

Troubleshooting Authentication

If you receive a 401 Unauthorized response, check the following:

Is the word Bearer included before the key in the header?
Is there a single space between Bearer and the key?
Does the secret_key exactly match the value in your Botsi App Configuration?

The Authorization Header​

Implementation Example​

Request​

Key Requirements​

Troubleshooting Authentication​

The Authorization Header

Implementation Example

Request

Key Requirements

Troubleshooting Authentication