Authorization
Some endpoints require user authorization by providing an API key that can be generated on the Infinex website.
The client must send this key in the Authorization
HTTP header of any requests to protected resources:
Authorization: Bearer <api key here>
If you try to use a protected resource without authorization header you will receive a 401 Unauthorized
response. If the provided API key is invalid, you will receive a 403 Forbidden
response.
2FA
Some endpoints require two factor authentication. In this case, you will receive status 511 Network Authentication Required
with error code REQUIRE_2FA
. If your account is using one-time e-mail codes as the 2FA provider, the e-mail code will be sent at this point. Error response msg
field will contain human-readable information about where to find the code:
{
"error": {
"code": "REQUIRE_2FA",
"msg": "example@example.com"
}
}
or:
{
"error": {
"code": "REQUIRE_2FA",
"msg": "Google Authenticator"
}
}
To complete the request, you should repeat it without any modification, only adding the code2FA
field containing the correct 2FA code to the request body. A significantly modified request cannot be confirmed with the previous 2FA code, the new code will be sent instead. Invalid 2FA code returns status 403 Forbidden
with error code INVALID_2FA
.
No Comments