Architecture

API Requests

Making requests to the API.


Request structure

Use an Authorization header with your app key to perform your initial request to the API. Every response includes an x-jwt header value to use for all future requests (instead of your app key).

Example Axios code.

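import axios from 'axios'

// Use the jwt from a previous response if one is stored; otherwise fall back to the app key.
const appKey = sessionStorage.getItem('jwt') ?? secrets.appKey

axios.get('https://api.backstack.com/app/session', {
    headers: {'Authorization': appKey}
  })
  .then((response) => {
    // Store the x-jwt response header for all future requests.
    sessionStorage.setItem('jwt', response.headers['x-jwt'])
    // Handle the response
  });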

The jwt is a signed token that includes the following claims:

  • app_id - The unique identifier for your app.
  • account_id - The unique identifier for the account.
  • user_id - The unique identifier for the user.

These values are updated during the login process to establish an authenticated session.


Endpoint requests

Use the jwt in the Authorization header to make requests to an API endpoint.

// Send the stored jwt (not the app key) in the Authorization header.
await axios.get('https://api.backstack.com/account/users', {
    headers: {'Authorization': sessionStorage.getItem('jwt')}
  })
  .then((response) => {
    // Handle the response
  });
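
One way to apply the rule above to every call, as an added example that is not Backstack's own code: the helpers send the stored jwt (or the app key on the first request), keep the x-jwt from each response, and decode the three claims for display. The helper names and the token shape check are assumptions; decoding the payload does not verify the signature.

```javascript
// Added example: authValue, rememberJwt, readClaims and attachSession are hypothetical names.
// `storage` is anything with getItem/setItem, e.g. window.sessionStorage.
const JWT_SHAPE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/;

// Value for the Authorization header: the stored jwt if present, else the app key.
function authValue(storage, appKey) {
  return storage.getItem('jwt') ?? appKey;
}

// Store the x-jwt header of a response (Axios lower-cases header names).
// A missing or malformed value leaves the stored token untouched, so the
// string "undefined" never ends up in the Authorization header.
function rememberJwt(storage, headers) {
  const token = headers?.['x-jwt'];
  if (typeof token !== 'string' || !JWT_SHAPE.test(token)) return false;
  storage.setItem('jwt', token);
  return true;
}

// Decode (not verify) the payload to read app_id, account_id and user_id.
// Treat the result as display data only; the API checks the signature.
function readClaims(storage) {
  const token = storage.getItem('jwt');
  if (!token || !JWT_SHAPE.test(token)) return null;
  const b64 = token.split('.')[1].replace(/-/g, '+').replace(/_/g, '/');
  try {
    const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
    const { app_id, account_id, user_id } = JSON.parse(new TextDecoder().decode(bytes));
    return { app_id, account_id, user_id };
  } catch {
    return null;
  }
}

// Wire the helpers into an Axios instance so no call site handles the token itself.
function attachSession(client, storage, appKey) {
  client.interceptors.request.use((config) => {
    config.headers['Authorization'] = authValue(storage, appKey);
    return config;
  });
  client.interceptors.response.use((response) => {
    rememberJwt(storage, response.headers);
    return response;
  });
}
```

In the browser, call attachSession(axios, sessionStorage, secrets.appKey) once at start-up.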
