Who doesn’t love a new feature, especially when it involves increased security?

Starting today, POST requests to a Cellmate service must supply an API token. Without a valid API token, requests will receive a 403 status code and an error message.

Getting a Token

API tokens are scoped to a particular service. This will allow you to share API tokens with team members working on the same project without compromising other services you may have created with your same account.

When viewing a service, there’s a new section appropriately titled “Api Tokens”:

Click the “manage api tokens” button, and you’ll be able to view existing API tokens you’ve created or create a new token.

When creating a token, be sure to copy it immediately before leaving the page. It will only be shown once.

Using a Token

POST requests require the Authorization header, where the value is Token yourtokenhere.

Here’s an example in cURL:

curl -X POST \
  -H 'Authorization: Token abcdefghijkl'
  -d "data=here"


Questions? Ideas? Comments? Concerns? Let me know! Shoot me an email at jesse@cellmateapp.com.