The REST API uses authentication tokens and https:// to provide verification and encryption of all inbound requests. External systems such as WordPress site creating enquiry cases, or a reporting system pulling data out of CaseBlocks, should be setup with a User record on CaseBlocks. The external system’s requests are thereby identifiable in the user interface (e.g. the timelines) and audited.
You can access the authentication token once you have created an external system user by clicking on the user record.
You can authenticate requests on the CaseBlocks API in two ways. There is no behavioral difference between the two methods. The choice is purely what is most convenient for your integration purposes.
Authenticating using HTTP Headers
Pass the authentication token in via the X-AUTH-HEADER HTTP header. For example:
curl -H 'X-AUTH-HEADER: 94ZdThLd7WxZgCfghLSS' -XDELETE 'http://login.caseblocks.com/case_blocks/cases/5818c6ead94bb1cd6200000d
Authenticating using Query String Parameters
Pass the authentication token in as part of the combined query string that makes up the API request. For example: