Authorization

All global platform API require an authorization token to work. The authorization token, once obtained, contains all of the information required for subsequent calls to be completed.

Account wide Token Request

Using your account API Key, that can be found under your Profile section in your account details, you can require an Authorization token using the following request:

curl --location --request POST '<SERVICE ENDPOINT>/authorization/integration' \
--header 'Content-Type: application/json' \
--data-raw '{
	"AccountAPIKey":"<Account API Key>"
}'

An authorization token grants access to all of the API methods for about 60 minutes. When the authorization token expires, a new authorization token must be requested by repeating the very same request.

Bot Level Token Request

Some API endpoints, such as Xenioo Database API Interface will require a token related to a very specific chatbot. To create such token the authorization request must contain the bot API Token and Secret like in the example below:

curl --location --request POST '<SERVICE ENDPOINT>/authorization/integration' \
--header 'Content-Type: application/json' \
--data-raw '{
	"AccountAPIKey":"<Account API Key>",
	"BotAPIKey":"<Your bot API Key>",
	"BotAPISecret":"<Your bot API Secret>"
}'

You can find both bot API Key and bot API Secrets under the Developers section of the settings top menu of your bot details.

Response

If the request is successful, Xenioo will reply with an authorization token that may look like this:

{
    "token": "dmO/lbiq5FN+oyrAF3BLhdo[...]",
    "expires": 60
}

The expire information indicates for how many minutes the token is valid.

Response Codes

This endpoint will reply with the following standard HTTP codes.