Authentication

The Stream API uses token-based authentication. To access protected endpoints, you'll need to authenticate with your credentials to receive a bearer token.

Authentication Endpoint

POST /auth/sign_in

Parameters

Parameter	Type	Required	Description
`api_user.email`	string	Yes	Your account email address
`api_user.password`	string	Yes	Your account password

Request Example

curl -X POST \
  https://stream-orders-api-sandbox.herokuapp.com/client_api/v2/auth/sign_in \
  -H "Content-Type: application/json" \
  -d '{
    "api_user": {
      "email": "test@vatitstream.com",
      "password": "test1234"
    }
  }'

Success Response (200 OK)

{
  "token": "eyJhbGciOiJIUzadfaskdjLKSAJSLdkoIASjdlaksjoj"
}

Error Response (401 Unauthorized)

If the credentials are invalid, you'll receive:

{
  "success": false,
  "error": "Invalid username and/or password",
  "errors": []
}

Using the Token

Include the bearer token in the Authorization header for all authenticated requests:

curl -X GET \
  https://stream-orders-api-sandbox.herokuapp.com/client_api/v2/orders \
  -H "Authorization: Bearer eyJhbGciOiJIUzadfaskdjLKSAJSLdkoIASjdlaksjoj" \
  -H "Content-Type: application/json"

Important Notes

All API requests must be made over HTTPS
Calls made over plain HTTP will fail
API requests without authentication will also fail
Store tokens securely and never expose them in client-side code
Tokens may expire and require re-authentication

Authentication Endpoint​

Parameters​

Request Example​

Success Response (200 OK)​

Error Response (401 Unauthorized)​

Using the Token​

Important Notes​