API authentication

Learn how to authenticate with Yapily's API.


Yapily's API uses HTTP Basic authentication.

Yapily provides an Application ID and Application Secret pair to authenticate requests. Each Application has its own unique ID and secret.

Credentials are retrieved, viewed and managed in the Yapily Console.

Retrieve credentials

To retrieve your credentials:

  1. Go to the Yapily Console
  2. Go to Applications and click Create Application
  3. Choose a name for your application and click Create application
  4. Click Download Application ID & Application Secret to download the json file containing the Application ID ( applicationUuid ) and Application Secret ( secret )
  5. Save the json file

It is important to keep your credentials safe and secure. Do not share your Application Secret in publicly accessible areas such as GitHub or client-side code.

Note: Once created, you're unable to retrieve your Application Secret again.

Authenticate API requests

In the request, your Application ID should be sent as the basic auth username and your Application Secret should be sent as the basic auth password.

You must submit the correct credentials when making API calls or you will receive a 401 "Unauthorized" error response.

For more information, see our API reference.

Revoke Application Secret

If you lose your Application Secret, or it is no longer secure, you need to revoke the secret and create a new one. The Application ID will not change.


Revoking the secret will invalidate any requests that are using the old secret.

To revoke your Application Secret:

  1. Go to the Yapily Console
  2. Go to Applications and click on your application
  3. Under API credentials click Revoke next to the Application Secret, then click Revoke and Generate new secret
  4. Download and save the json file containing the new Application Secret