Authenticating with an Auth Token (BETA)

Authenticating with an auth token follows the standard HTTP Bearer Token usage.

The request must contain an Authorization header which contains an ASCII string that contains the base64-encoded value of your auth_token's token app's client_id and client_secret values.

Note: the token value in the Basic string cannot be a bytes string.

Refer to /auth_token docs for how-to build a HTTP Basic Authentication credentials string.

Sila AuthToken Postman Collection can be found here.

POST /0.2/check_handle HTTP/1.1
Content-Type: application/json
Authorization: Bearer dGhpcyBpcyB0aGUgInRva2VuIiB2YWx1ZSBvZiB5b3VyIHVuZXhwaXJlZCBhY2Nlc3MgdG9rZW4gcmV0dXJuZWQgYnkgL2FjY2Vzc190b2tlbg==

  "header": {
    "created": 1234567890, 
    "auth_handle": "handle.silamoney.eth", 
    "version": "0.2", 
    "reference": "<your unique id>"
  "message": "header_msg"


HTTP/1.1 200 OK

  "success": true,
  "reference": "<your unique id>",
  "message": "user.silamoney.eth is available.",
  "status": "SUCCESS"

Authentication failure responses

There are various conditions relating to the use of an auth token which can produce an authentication error. Some of the returned error messages are deliberately vague to avoid exposing failure reasons in order not to encourage phishing.

Status codeError MessageReason
401The auth token provided has expired.Expired token
401The auth token is invalid.Token was not generated for the app specified by auth_handle
403The Authorization: Bearer string is not properly encoded; it must be a base64-encoded ASCII string.Poorly-formed Bearer token (usually incorrect encoding)
403Permission to auth this resource has been denied.Use of Basic HTTP Authentication header (currently only used by /auth_token)
403The auth token is invalid.Passing a token for a SANDBOX app to PROD (or vice-versa)