Authentication

The Courier REST API supports both token and basic authorization.

Token Auth

Courier assigns you an “Auth Token” when you Register your account. You can retrieve this token from the Settings > API Keys section in Courier.

Courier API Keys

This token should be passed as a Bearer Token in an Authorization header with each request. Remember, it is best not to store an authorization token in your source control but instead reference values stored in environment variables or some other configuration. However you handle your tokens, be sure to keep them private and secure.

$curl --request POST \
> --url https://api.courier.com/send \
> --header 'Authorization: Bearer <token>'

Basic Auth

Basic Auth works by passing a username and password in an Authorization header. These credentials should be Base64 encoded, which can typically be accomplished using a function or method available in your language of choice. For example, JavaScript provides the btoa() and atob() functions to Base64 encode and decode respectively.

A username of normanosborn@oscorp.com and password of goblin616 are concatenated to normanosborn@oscorp.com:goblin616. This concatenated string becomes bm9ybWFub3Nib3JuQG9zY29ycC5jb206Z29ibGluNjE2 once it is Base64 encoded.

$curl --request POST \
> --url https://api.courier.com/send \
> --header 'Authorization: Basic <Base64 encoded string>'

To authenticate with the Courier REST API, use the email associated with your account as the username and the Auth Token as your password.