Skip to main content
The Consul API supports two authentication methods depending on the context.

API Key (Basic Auth)

For most API requests, authenticate using HTTP Basic Authentication. Set the Authorization header to Basic followed by the base64 encoding of your API key. Consul provides separate keys for sandbox and production. You can provision API keys from the Developer section of the dashboard. 
curl https://api.onconsul.com/v1/balance \
  -u $CONSUL_API_KEY
Most HTTP clients (like curl -u) handle the base64 encoding for you. The raw header looks like Authorization: Basic base64(api_key).

OAuth Access Token (Bearer Auth)

For apps acting on behalf of a connected user, authenticate with a Bearer token using the OAuth access token obtained through the authorization code flow. 
curl https://api.onconsul.com/v1/balance \
  -H "Authorization: Bearer $OAUTH_ACCESS_TOKEN"
See the OAuth Connections guide for the full flow, including obtaining and refreshing access tokens.