To authenticate against the Snipe-IT API, you'll need to pass an Authorization, Accept: application/json and Content-Type: application/json header with every request.
Be sure to include BOTH the Content-Type AND Accept headers with your request!If your API request returns a login page (or any HTML page) and you're certain you're passing the Bearer token correctly in the
Authorizationheader, double-check that you are passing both theContent-TypeandAcceptheaders, and that the value of those headers isapplication/json.
It should look something like this, if your API key were MY-AWESOME-API-KEY:
| Header | Value | Required |
|---|---|---|
Authorization | Bearer MY-AWESOME-API-KEY | Yes |
Accept | application/json | Yes |
Content-Type | application/json | Yes |
User-Agent | My Awesome Integration Script | Recommended |
In reality, your API Key will be much longer than that, but you get the idea.
Recommended: Pass a User AgentWe strongly recommend including an integration-specific User-Agent in your API requests
My Awesome Integration Scriptin the example above). While it's not currently required, it can be very helpful in troubleshooting API requests when multiple integrations are running.
Keeping the default user-agent (Go-http-client/1.1,python-httpx/0.28.1,curl/8.7.1, etc) will make it difficult for you to determine which of your integration scripts is doing weird things if something goes wrong.
For example, using the Guzzle library:
$accessToken = 'MY-AWESOME-API-KEY';
$response = $client->request('GET', '/api/users', [
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/json',
'Authorization' => 'Bearer '.$accessToken,
'User-Agent' => 'My Awesome Integration Script',
],
]);