Authentication

Authenticating with OAuth 2 Bearer tokens

All requests are authenticated with OAuth 2 Bearer authentication provided through the Authorization HTTP header. The value of the header must include an Access Token.

Authorization: Bearer your-access-token

Access Tokens can be obtained by creating a Profile through the API or SDKs, or from inside the Producer Suite.

Profile Access Token

Access Tokens that are obtained by creating a profile are also called Profile Access Tokens, and are scoped to that profile. They are used to do things like interact with widgets and participate in chat.

πŸ“˜

Use Profile Access Tokens when interacting with widgets and chat on behalf of a particular end user in your application.

Admin Access Token

Access Tokens that are obtained from inside the Producer Site are also called Admin Access Tokens, and have a broader scope and permission set than Profile Access Tokens. These access tokens can be used to create and publish new widgets and perform moderation duties.

πŸ“˜

Use Admin Access Tokens in management and integration scenarios that are not related to any particular end user in your app, or when special privileges are required.

❗️

Keep Admin Access Tokens secret!

Be cautious with Admin Access Tokens, they are quite permissive and are generally not necessary for client-side integrations.

Personal API Token

Personal API Tokens allow you to perform site-wide and organization-wide administrative tasks such as creating and managing applications. A Personal API Token can be obtained from the My Account page in the LiveLike Producer CMS.

Authorization: Token your-personal-api-token

❗️

Keep Personal API Tokens secret!

Be cautious with Personal API Tokens, they are quite permissive and are generally not necessary for client-side integrations.