Authentication

To interact securely with the MediaVault API, all requests must be authenticated using an access token. This token ensures that only authorized users and applications can access MediaVault's resources. Below is a step-by-step guide on how to generate and use an access token to authenticate your API requests.

Obtaining an Access Token

To obtain an access token, you will need to generate one using your secret ID and secret key. These credentials are provided when you create an application in your developer settings.

Use the following endpoint to generate the token:

  • Endpoint: /Token
  • Method: POST
  • Request Body:
    • secretID: Your application's secret ID (required).
    • secretKey: Your application's secret key (required).
Request 
curl -X POST "https://api.mediavaultplus.com/Token" \
    -H "Content-Type: application/json" \
    -d '{
      "secretID": "YOUR_SECRET_ID",
      "secretKey": "YOUR_SECRET_KEY"
    }'
Response 
{
    "access_token": "YOUR_ACCESS_TOKEN",
    "type": "Bearer",
    "expires": "2024-12-31T23:59:59Z"
}

Using the Access Token

Once you receive your access token, include it in the Authorization header for all subsequent API requests. This token is required to authenticate your requests and access MediaVault's resources.

Authorization Header Format:

Bash 
Authorization: Bearer YOUR_ACCESS_TOKEN

Example API Request:

Bash 
curl -X GET "https://api.mediavaultplus.com/media" \
    -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Token Expiration

The access token will expire after a set period, as indicated by the expires field in the token response. When the token expires, you will need to generate a new one by repeating the token generation process.

Handling Authentication Errors

If your request is missing a valid access token or the token has expired, you will receive a 401 Unauthorized response. Ensure that the token is included in the Authorization header of every API request and that it has not expired.

Best Practices

  • Keep your credentials secure: Do not share your secret ID and secret key publicly.
  • Handle token expiration: Implement error handling in your application to gracefully refresh expired tokens.
  • Use HTTPS: Always use secure connections (HTTPS) when interacting with the API to protect your credentials and data.

By following these guidelines, you can securely access the MediaVault API and integrate its powerful media management features into your application.