API Requests

Making requests to the API.

Request structure

Use an Authorization header with your app key to request an app session. The session object will include a jwt value to use for all subsequent requests instead of your app key.

Example Axios code.

const store = useStore();
const appKey = sessionStorage.getItem(key) ?? secrets.appKey

axios.get('https://api.backstack.com/app/session', {
  headers: {'Authorization' : appKey}
  })
  .then((response) => {
    sessionStorage.setItem('jwt', response.jwt)
    store.setSession(response);
  });

The jwt is a signed token that includes the following claims:

• app_id - The unique identifier for your app.
• account_id - The unique identifier for the account.
• user_id - The unique identifier for the user.
• timestamp - The time the token was issued.

These values are updated during the log in process to establish an authenticated session.

Endpoint requests

Use the jwt in the Authorization header to make requests to an API endpoint.

await axios.get('https://api.backstack.com/account/users', {
  headers: {'Authorization' : sessionStorage.getItem('jwt')}
  })
  .then((response) => {
    // Handle the response
  });

Related information

• API responses - Handling responses from the API.
• Session management - Managing user sessions.
• Form validation - How Backstack handles form validation.
• Errors - Understanding the API error feedback.