Authentication

The ControlCom Connect API supports two authentication methods: API key credentials passed as HTTP Basic, and a user JSON Web Token passed as a Bearer token.

Workflow Stage: Integrate

API Keys

API key credentials are generated in the ControlCom Connect interface under Administration > API Keys. Each key has an ID and a secret. Keep the secret confidential and never expose it in client-side code.

Basic Authentication

Combine the API key ID and secret as id:secret, Base64-encode the result, and pass it in the Authorization header prefixed with Basic.

# macOS / Linux
echo -n "myApiKeyId:myApiKeySecret" | base64
# Outputs bXlBcGlLZXlJZDpteUFwaUtleVNlY3JldA==

Authorization: Basic bXlBcGlLZXlJZDpteUFwaUtleVNlY3JldA==

Most HTTP libraries handle the encoding for you when you supply a username and password.

Bearer Tokens

Authenticated user sessions can call the API with a JSON Web Token passed as a Bearer credential.

Authorization: Bearer <your-jwt>

For transport security and credential-rotation guidance, see the Security reference.

Authentication

API Keys

Basic Authentication

Bearer Tokens

On this page