Learn about the authentication and authorization process for Bureau APIs.
To ensure secure access to Bureau APIs, we require authentication and authorization for every request. This process verifies the identity of the sender and confirms their permission to perform the requested action.
Secure API Requests
Ensure all API requests are made over HTTPS to prevent data interception.
API Gateway URLs
Below are Bureau's API Gateway URLs. You need to include this before each API endpoint to make API calls.
- Test Mode:
https://api.sandbox.bureau.id/
- Live Mode:
https://api.bureau.id/
Authentication Method: Basic Auth
We use Basic authentication for all API requests. To authenticate API requests, you'll need your API Credential ID and Credential Secret. These are available in your Bureau Dashboard.
Authorization Header Format
All API requests must include an Authorization header in the following format:
Authorization: Basic base64encoded_credentials
Here, base64encoded_credentials
is a base64-encoded string of your API Credential ID and Credential Secret, separated by a colon (e.g., YOUR_CREDENTIAL_ID
:YOUR_CREDENTIAL_SECRET
).
Below are code snippets of how to send authorization in a few different languages.
--header 'Authorization: Basic base64encoded_credentials'
req.Header.Set("Authorization", "Basic "+encodedCredentials)
const options = {
headers: {
Authorization: 'Basic base64encoded_credentials'
}
};
headers = {
"Authorization": "Basic base64encoded_credentials"
}
curl_setopt_array($curl, [
CURLOPT_HTTPHEADER => [
"Authorization: Basic base64encoded_credentials"
],
]);
Header Format
Strictly adhere to the specified header format. Invalid formats will result in authentication failures.
Following are a few examples of invlaid header formats: BASIC
base64encoded_credentials
, basicbase64encoded_credentials
, Basic"base64encoded_credentials"
and Basic$base64encoded_credentials
.