You'll need to authenticate your requests to access any of the endpoints in the RiskAdvisor API. In this guide, we'll look at how authentication works. RiskAdvisor offers two ways to authenticate your API requests: Basic authentication and OAuth2 with a token — OAuth2 is the recommended way.

Basic authentication

With basic authentication, you use your username and password to authenticate your HTTP requests. Unless you have a very good reason, you probably shouldn't use basic auth. Here's how to authenticate using cURL:

Example request with basic auth

curl \
  -u username:password

Please don't commit your RiskAdvisor password to GitHub!

OAuth2 with bearer token

The recommended way to authenticate with the RiskAdvisor API is by using OAuth2. When establishing a connection using OAuth2, you will need your access token — you will find it in the RiskAdvisor dashboard under API settings. Here's how to add the token to the request header using cURL:

Example request with bearer token

curl \
  -H "Authorization: Bearer {token}"

Always keep your token safe and reset it if you suspect it has been compromised.