API Authentication

Wristband APIs use bearer tokens for authentication.

Bearer tokens, specifically access tokens in Wristband, grant access to protected resources. These tokens must be included in API requests for successful authentication.

Bearer Authentication and Token Validation

First, authenticate with Wristband to obtain an access token. Include this token in the Authorization HTTP header of your API request:

Authorization: Bearer <token>

Example:

GET https://yourapp-yourcompany.us.wristband.dev/api/v1/applications/123/users HTTP/2.0
Accept: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Wristband validates the token, checking its authenticity, expiration, and other details. If valid, Wristband processes the API request.

Onboarding Workflow APIs

Onboarding Workflow APIs rely on bearer tokens in the Authorization header. When self-hosting the UI for any Wristband workflow, your application must invoke these APIs on behalf of a machine. Use the Client Credentials Flow to obtain the necessary access tokens.

Resource Management APIs

Resource Management APIs also use bearer tokens in the Authorization header. The actor can be either an end user or a machine. Use the Authorization Code Flow for end users and the Client Credentials Flow for machines to obtain access tokens.

Different Auth Mechanisms for Authentication APIs

Wristband's Authentication APIs use different authentication methods depending on the API. Check the API reference for specific authentication requirements.

No Auth Required

Some APIs, like the Authorize API, don't require authentication. Instead, Wristband validates the calling OAuth2 Client's registration.

Basic Authentication

Some APIs, like the Token API, require Basic Auth. This involves encoding the clientId and clientSecret using Base64 and passing them in the Authorization header:

Authorization: Basic <base64-encoded-credentials>

Example:

Authorization: Basic eDI1cnBnYWZndmdlZGN2anc1Mm9vdWwzeG06ZDVjZWU3ZjFlMDVjNTlkZTQ2YjMxMjgyODFhZGNhMDg=

Bearer Authentication

For other Authentication APIs, use Bearer Authentication, similar to the Onboarding Workflow APIs and Resource Management APIs.
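
The two header schemes above chained together for a machine client, as an added example that is not Wristband's own code: Basic credentials for the Token API, then the returned access token as a Bearer header. Assumptions: the Token API URL is a placeholder supplied by the caller, the token request and response follow the standard OAuth2 (RFC 6749) shapes, and all function names are hypothetical. The requests are only constructed, never sent.

```python
import base64
import json
import urllib.parse
import urllib.request

# Example value copied from the Basic Authentication section of this page.
PAGE_BASIC_EXAMPLE = "Basic eDI1cnBnYWZndmdlZGN2anc1Mm9vdWwzeG06ZDVjZWU3ZjFlMDVjNTlkZTQ2YjMxMjgyODFhZGNhMDg="

def basic_auth_header(client_id, client_secret):
    """Authorization value for the Token API: Base64 of "clientId:clientSecret"."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic_header(value):
    """Reverse the header. Base64 is an encoding, not encryption, so this
    value has to be protected exactly like the client secret itself."""
    scheme, _, encoded = value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic Authorization value")
    decoded = base64.b64decode(encoded, validate=True).decode("utf-8")
    client_id, sep, client_secret = decoded.partition(":")
    if not sep:
        raise ValueError("missing ':' between clientId and clientSecret")
    return client_id, client_secret

def token_request(token_url, client_id, client_secret):
    """Client Credentials Flow request (assumed RFC 6749 form body)."""
    body = urllib.parse.urlencode({"grant_type": "client_credentials"})
    return urllib.request.Request(token_url, data=body.encode("ascii"), method="POST", headers={
        "Authorization": basic_auth_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json"})

def access_token_from(response_body):
    """Extract the token from an assumed RFC 6749 JSON token response."""
    doc = json.loads(response_body)
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("response does not carry a bearer access token")
    return doc["access_token"]

def bearer_request(url, access_token):
    """Protected API call: the access token goes in the Authorization header."""
    return urllib.request.Request(url, method="GET", headers={
        "Authorization": f"Bearer {access_token}", "Accept": "application/json"})

if __name__ == "__main__":
    cid, secret = decode_basic_header(PAGE_BASIC_EXAMPLE)
    req = token_request("https://yourapp-yourcompany.us.wristband.dev/TOKEN-API-PATH", cid, secret)  # placeholder path
    print(cid, req.get_method(), req.full_url, req.data)
```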