
Authentication

The Braid API uses Basic Authentication, which requires a username and password for every request. This method ensures that each API call is linked to a verified developer account within your organization’s Braid program.

How It Works

  1. The username is your assigned developer identifier.
  2. The password is the API key displayed in the API Key section of your Braid Developer Dashboard.
  3. Even though the UI labels it as API Key, it must be placed in the password field when constructing Basic Authentication credentials.

Basic Auth combines the username and password with a colon (:), e.g. username:apiKey, and then encodes this string using Base64. The encoded string is included in the Authorization header in the format:

Authorization: Basic <base64(username:apiKey)>

Developer Tips

  1. Most programming languages and HTTP client libraries have built-in Basic Auth support that automatically handles Base64 encoding and header creation. Use these built-in methods to reduce manual encoding errors.

Example: In curl, you can pass the credentials using the -u flag:

curl -u "username:apiKey" https://api.sandbox.braid.zone/...

  2. Sandbox and Production have separate credentials and base URLs. Always use the correct credential pair for the matching environment.

Security Notes

  1. Never hardcode your API key in publicly accessible code repositories.
  2. Store credentials securely using environment variables or a secure secrets manager.
  3. Never expose your credentials or passkeys in client-side (frontend) code, as this would make them accessible to end-users.
  4. Rotate API keys periodically according to your organization’s security policy and immediately if they are compromised.
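
The header construction from How It Works and the handling advice in Security Notes, as an added Python example (not Braid's own code): it builds the header by hand, shows that Base64 is reversible by anyone who sees the header, and refuses non-HTTPS URLs. The environment variable names BRAID_USERNAME and BRAID_API_KEY and the sample credentials are assumptions.

```python
import base64
import os
from urllib.parse import urlsplit
from urllib.request import Request


def basic_auth_header(username: str, api_key: str) -> str:
    """Build the Authorization header value: 'Basic ' + base64(username:apiKey)."""
    if not username or not api_key:
        raise ValueError("username and API key must both be set")
    if ":" in username:
        # RFC 7617: the user-id cannot contain a colon, because the first
        # colon separates it from the password.
        raise ValueError("username must not contain ':'")
    token = base64.b64encode(f"{username}:{api_key}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def decode_basic_auth(header: str) -> tuple[str, str]:
    """Reverse the encoding. Base64 is not encryption: anyone who sees the
    header recovers the API key, so it needs TLS and must stay out of logs."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic Authorization header")
    username, _, api_key = base64.b64decode(token).decode("utf-8").partition(":")
    return username, api_key


def redact(header: str) -> str:
    """Form of the header that is safe to write to logs."""
    return header.split(" ", 1)[0] + " <redacted>"


def build_request(url: str, env=os.environ) -> Request:
    """Prepare an authenticated request with credentials read from the environment."""
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send Basic credentials over a non-HTTPS URL")
    # BRAID_USERNAME / BRAID_API_KEY are assumed variable names.
    header = basic_auth_header(env["BRAID_USERNAME"], env["BRAID_API_KEY"])
    return Request(url, headers={"Authorization": header})


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = basic_auth_header("dev_123", "example-key")
    print(redact(sample))
    print(decode_basic_auth(sample))
```

build_request only prepares the request object; pass it to urllib.request.urlopen, or use your HTTP client's built-in Basic Auth support, to send it.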