Xola

Authentication

Once you have a user account, you can use a couple different methods to authenticate yourself.

1. API Key

The API key authentication may be passed as a header (recommended) or as a querystring parameter.

API Key via Header

Include your API key in a X-API-KEY header.

curl -H "X-API-KEY: <API_KEY>" https://sandbox.xola.com/api/experiences

API Key via Querystring

Include your API key in a apiKey query string parameter.

This method is fine for testing, but we recommend against it when building your integration since the request string may be cached by intermediary servers, thereby creating a potential security risk.

curl https://sandbox.xola.com/api/experiences?apiKey=<API_KEY>

2. Basic HTTP

You can use the basic HTTP authentication header to pass your credentials. We recommend using this only for retrieving your API key. For all other requests, it is recommended to use the API key.

curl https://sandbox.xola.com/api/experiences -u "me@example.com:<PASSWORD>"