Lindris Developers

Appearance

Authentication

Lindris uses API keys for authentication. You can create an API key in your account settings.

Authorization Header

To authenticate your requests to the Lindris API, you need to include the API key as Bearer token in the Authorization header.

http
Authorization: Bearer YOUR_API_KEY

Additional Headers

The following headers are also required for all requests:

  • Content-Type: application/json
  • Accept: application/json

Creating API Keys

You can create new API keys through the account dashboard. When creating a key, you'll need to provide:

  • A description/name for the key (for your reference).
  • The key will be shown only once upon creation, so make sure to copy it immediately.

Verifying Authentication

GET api/authenticated

You can verify your authentication credentials using the authentication check endpoint:

bash
curl --request GET \
    --get "https://app.lindris.test/api/authenticated" \
    --header "Authorization: Bearer {YOUR_API_KEY}" \
    --header "Content-Type: application/json"
php
$client = new \GuzzleHttp\Client();
$url = 'https://app.lindris.test/api/authenticated';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_API_KEY}',
            'Content-Type' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
javascript
const url = new URL(
    "https://app.lindris.test/api/authenticated"
);

const headers = {
    "Authorization": "Bearer {YOUR_API_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

A successful response will look like:

json
{
    "data": {
        "authenticated": true
    }
}

Error Responses

If authentication fails, you'll receive one of these responses:

  • 401 Unauthorized - No API key provided or you provided an invalid key.
  • 403 Forbidden - You provided a valid API key, but you don't have the necessary permissions to perform the request.

Example error response:

json
{
    "message": "Unauthenticated.",
    "status_code": 401
}

Security Best Practices

  1. Keep your API keys secure and never share them.
  2. Use different API keys for different environments (development, staging, production).
  3. Regularly rotate your API keys.
  4. Give each integration its own API key for better tracking and security.
  5. Never commit API keys to version control.

Example Request

bash
curl -X GET https://api.lindris.com/v1/people \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json"

If everything is set up correctly, you should receive a 200 OK response from the API.