Authentication
The Attivita API uses Bearer token authentication. You must include your API access token in the Authorization header of all requests.
Getting Your API Token
API tokens are provided by Attivita GmbH. Please contact our support team to obtain your token.
Using Your Token
Include the token in the Authorization header:
bash
Authorization: Bearer YOUR_API_ACCESS_TOKENExample Request
bash
curl -X GET https://api.attivita.de/api/products \
-H "Authorization: Bearer YOUR_API_ACCESS_TOKEN"javascript
const response = await fetch('https://api.attivita.de/api/products', {
headers: {
'Authorization': 'Bearer YOUR_API_ACCESS_TOKEN'
}
});
const products = await response.json();python
import requests
headers = {
'Authorization': 'Bearer YOUR_API_ACCESS_TOKEN'
}
response = requests.get('https://api.attivita.de/api/products', headers=headers)
products = response.json()php
$ch = curl_init('https://api.attivita.de/api/products');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: Bearer YOUR_API_ACCESS_TOKEN'
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$products = json_decode($response, true);Security Best Practices
Important
- Never expose your API token in client-side code
- Store tokens securely using environment variables or secure key management
- Rotate tokens regularly for enhanced security
- Use HTTPS only for all API requests
Token Permissions
Your API token is tied to your customer account and provides access to:
- ✅ View all listed products with your customer-specific pricing
- ✅ Create and view orders for your account
- ✅ Manage webhooks for your account
- ❌ Cannot access other customers' data
- ❌ Cannot modify product information
Account Status
Your account must be active to use the API. If your account is suspended or pending, you'll receive a 403 error:
json
{
"error": "Account is not active. Please contact support."
}Next Steps
- Learn about Sandbox Mode for testing
- Explore the Products API
- Set up Error Handling