Authentication

Learn how to authenticate with the Adbot API using API keys or session tokens.

Authentication Methods

The Adbot API supports two authentication methods:

• API Key Authentication - Recommended for server-to-server integrations
• Token Authentication - Cookie-based sessions for web applications

API Key Authentication

API keys are the recommended way to authenticate with the Adbot API for programmatic access. Include your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X GET https://api.adbot.fi/api/templates \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Obtaining an API Key

To get your API key:

1. Log in to your Adbot account at app.adbot.fi
2. Navigate to Settings > API
3. Click "Generate New API Key"
4. Copy and securely store your API key

Token Authentication

For web applications, you can use session-based authentication with login/logout endpoints.

Login

Authenticate a user and receive session tokens.

Request Body

{
  "email": "user@example.com",
  "password": "your_password"
}

Response

{
  "success": true,
  "data": {
    "user": {
      "id": "usr_123",
      "email": "user@example.com",
      "name": "John Doe"
    },
    "accessToken": "eyJhbGciOiJIUzI1NiIs...",
    "refreshToken": "eyJhbGciOiJIUzI1NiIs..."
  }
}

Refresh Token

Refresh an expired access token using a valid refresh token.

Request Body

{
  "refreshToken": "eyJhbGciOiJIUzI1NiIs..."
}

Response

{
  "success": true,
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIs...",
    "refreshToken": "eyJhbGciOiJIUzI1NiIs..."
  }
}

Logout

Invalidate the current session.

Response

{
  "success": true,
  "message": "Successfully logged out"
}

Rate Limiting

API requests are rate limited to ensure fair usage. Current limits:

When rate limited, the API returns a 429 Too Many Requests response with headers indicating when you can retry:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1699999999