Authenticating to our API
The Berkeley API uses Bearer tokens for authentication with both Public and Private API tokens. All request must contain an Authorization Header
Authorization: Bearer tok1234abc=
Token types
Public Token
A token that can be included in client side applications such as Web Pages, or Mobile applications. This token only allows you to tokenize Financial Account information.
Private Token
This token should be kept secret and safe. This token is responsible for accessing all methods in the Berkeley API except for tokenization. This API token should be used by the server component of your application.
Temporary keys
Temporary keys are used as a short lived alternative to the standard private token. That can be used on all endpoints except to create or delete a new authentication key.