The Berkeley API uses Bearer tokens for authentication with both Public and Private API tokens. All request must contain an Authorization Header

Authorization: Bearer tok1234abc=

Token types

Public Token

A token that can be included in client side applications such as Web Pages, or Mobile applications. This token only allows you to tokenize Financial Account information.

Private Token

This token should be kept secret and safe. This token is responsible for accessing all methods in the Berkeley API except for tokenization. This API token should be used by the server component of your application.

Temporary keys

Temporary keys are used as a short lived alternative to the standard private token. That can be used on all endpoints except to create or delete a new authentication key.