Resource auth credentials

Retrieve authentication credentials for resources to be used with Booking.js widget v1

❗️

Resource auth is deprecated

App based authentication is the preferred and recommended method to interact with Timekit.

Resource based authentication is only relevant for customers using version 1 of our Booking.js widget. If that is the case, please consider upgrading to version 2 that works in tandem with the Projects model.

Retrieve personal authentication credentials for resources.

📘

Search

Searchable attributes:

  • resource.id

When you have the ID of a resource, you can use this endpoint to find that resource's credentials with this query:

curl --request GET \
  --url https://api.timekit.io/v2/credentials?search=resource.id:2939c4fa-f06f-4496-8a20-03f57afcdfe6 \
  --header 'Content-Type: application/json' \
  --user :live_api_key_7nzvc7wsBQQISLeFSVhROys9V1bUJ1z7

This will return the credentials for that specific resource only. When using Booking.js, you should only use credentials of the type client-token. Credentials of the client-token type are safe to use on the frontend and only has access to a limited number of endpoints.

🚧

Frontend safe credentials

When using credentials on the frontend, ONLY use credentials with the type client-token. These tokens are safe to use on the frontend.

Alternatively, when you are querying the /resources endpoint, you can include the user's credentials, using dynamic includes:

curl --request GET \
  --url https://api.timekit.io/v2/resources/2939c4fa-f06f-4496-8a20-03f57afcdfe6?include=credentials \
  --header 'Content-Type: application/json' \
  --user :live_api_key_7nzvc7wsBQQISLeFSVhROys9V1bUJ1z7

This will return both the resource and the credentials belonging to it.

🚧

What about server-tokens?

Resource credentials of the type server-token are present in Timekit for historical reasons. They are still here to ensure backwards compatability for users that have built their Timekit integrations using these. However, we strongly encourage new Timekit users to use our app API-Key based authentication.

Language
Authorization
Header
Click Try It! to start a request and see the response here!