Authentication
To use the E-commerce Chatbot API, all requests must be authenticated using an API key or OAuth 2.0.
๐ API Key (Simple Auth)
Sending an API Key
You must include your API key in the Authorization header of each request:
Authorization: Bearer YOUR_API_KEY
Example (cURL)
curl -X POST https://api.example.com/api/v1/chat/send \
-H "Authorization: Bearer sk_test_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"message": "I need help with my order",
"user_id": "user_123"
}'
๐ OAuth 2.0 (Advanced Auth)
Optional โ for apps with multiple users or needing delegated access.
- Obtain a client ID and secret from the developer dashboard.
- Implement the OAuth 2.0 flow (authorization code grant or client credentials).
- Use the returned access token as a Bearer token in the
Authorizationheader.
Example Header with OAuth Token
Authorization: Bearer ya29.a0ARrdaM9XYZabcToken
๐ซ Common Errors
| Error Code | Message | Explanation |
|---|---|---|
| 401 | Unauthorized |
Missing or invalid token/API key |
| 403 | Forbidden |
Token is valid but lacks required permissions |
| 429 | Too Many Requests |
Rate limit exceeded |
๐งช Tips
- Never expose your API keys in frontend apps.
- Rotate API keys periodically.
- Use OAuth if you need to access the API on behalf of end users.