Marfeel API Authentication

inaki.soria · March 14, 2022, 7:36am

All Marfeel API endpoints are authenticated using a bearer HTTP authentication scheme, also called token authentication scheme. The bearer token allowing access to a certain resource or URL is a cryptic string that you generate using a script like a curl command.

A bearer token allows developers to have a more secure point of entry for using the Marfeel APIs, and are one of the core features of OAuth 2.0.

The API client must always send the bearer token in the Authorization header when making requests to protected resources:

Authorization: Bearer <token>

How to generate an API authorization token

You can generate Bearer Tokens via login request using API credentials:

curl --location --request POST 'https://api.newsroom.bi/api/user/signin' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "compass.api@youraccount.com",
    "password": "secret"
}'

Here is what the response would look like. See the token field. Note that this is an example Bearer Token:

{
   "id":000,
   "name":"API User",
   "surname":" ",
   "email":"compass.api@youraccount.com",
   "registered":"2021-10-22T09:24:19.000Z",
   "langIso":null,
   "timezoneId":null,
   "dataRules":null,
   "sitesId":000,
   "updatedAt":"2021-11-04T13:31:15.000Z",
   "Timezone":null,
   "Site":{
     "...":"..."
   },
   "token":"eyJ...t0y20",
   "role":""
}

On OSX you can copy the bearer token directly to your clipboard using:

curl --location --request POST 'https://api.newsroom.bi/api/user/signin' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "compass.api@youraccount.com",
    "password": "secret"
}' | jq ."token" | pbcopy

TIP: You can you use jq to pretty print the output of the json or to directly select the token field.

Attention: API access has to be activated for you, contact your account manager to request permission to the Reporting API. Keep it in a safe place as all the account information is accessible via API.

How to authorize API requests

Once obtained the bearer token will have to be informed in all subsequent API requests with the Authorization header:

curl --location --request POST 'https://api.newsroom.bi/api/dashboard/query' \
--header 'Authorization: Bearer eyJ...t0y20' \

Renew tokens

A valid bearer token keeps the authentication alive without requiring to regenerate it constantly. Marfeel bearer tokens are valid up to 14 days after its generation. After this period a new token will need to be generated.