{"_id":"582789abbe5c080f00a5a822","project":"568bdc1483d2061900d86cdc","__v":1,"version":{"_id":"582789aabe5c080f00a5a7fe","__v":10,"project":"568bdc1483d2061900d86cdc","createdAt":"2016-11-12T21:29:14.915Z","releaseDate":"2016-11-12T21:29:14.915Z","categories":["582789abbe5c080f00a5a7ff","582789abbe5c080f00a5a800","582789abbe5c080f00a5a801","582789abbe5c080f00a5a802","582789abbe5c080f00a5a803","582789abbe5c080f00a5a804","582789abbe5c080f00a5a805","582789abbe5c080f00a5a806","582789abbe5c080f00a5a807","582789abbe5c080f00a5a808","5827ea984ca29e0f00137a9e","583df597887db62f00644283","583df5d9c622791900e78da5","5845cd8763c11b250037967d","5845d13063c11b2500379681","5859e859e3306d1900126725","587aeb9a01cf3a0f008359eb","587c422af45e2d0f005e200d","587d84dc82f6f30f004ceee5"],"is_deprecated":false,"is_hidden":false,"is_beta":true,"is_stable":true,"codename":"beta2","version_clean":"0.0.0","version":"0"},"user":"568bdbc4fe6fcc0d006dc970","category":{"_id":"587aeb9a01cf3a0f008359eb","project":"568bdc1483d2061900d86cdc","version":"582789aabe5c080f00a5a7fe","__v":0,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2017-01-15T03:25:14.326Z","from_sync":false,"order":3,"slug":"using-the-api","title":"Using the API"},"parentDoc":null,"updates":["587fb5c4da30470f0096b353"],"next":{"pages":[],"description":""},"createdAt":"2016-05-17T20:42:12.654Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":2,"body":"[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Introduction\"\n}\n[/block]\nThe Droplit.io API supports three primary modes of authentication: developer credentials, server credentials, and app+user credentials.\n\nDeveloper credentials support interfaces such as the developer portal and command line. When you deliver an application into production however, you will likely use server credentials to communicate from your server to the droplit.io servers.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Server Credentials\"\n}\n[/block]\nServer credentials can be created by creating a _client_ from the developer portal. Clients have their own set of authorization tokens that can be changed over time without breaking the association to a specific client.\n\nServer authorization tokens are Ecosystem-wide and provide unrestricted access to all resources in the Ecosystem.\n\nServer authorization tokens are passed in the HTTP `authorization` header with every request.\n[block:callout]\n{\n  \"type\": \"warning\",\n  \"body\": \"Server authorization tokens should be kept secure and never embedded in an application where the code base could be accessed by the end-user. Stored in a server is okay. Stored in a mobile app or in the client-side of a web application will compromise your credentials.\",\n  \"title\": \"Keep Server Credentials Secure\"\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Notifications\"\n}\n[/block]\nYour server can get real-time notifications of device state changes by using [Webhooks](doc:webhooks).","excerpt":"Accessing the API from your cloud service","slug":"server-to-server-api","type":"basic","title":"Server to Server Interface"}

Server to Server Interface

Accessing the API from your cloud service

[block:api-header] { "type": "basic", "title": "Introduction" } [/block] The Droplit.io API supports three primary modes of authentication: developer credentials, server credentials, and app+user credentials. Developer credentials support interfaces such as the developer portal and command line. When you deliver an application into production however, you will likely use server credentials to communicate from your server to the droplit.io servers. [block:api-header] { "type": "basic", "title": "Server Credentials" } [/block] Server credentials can be created by creating a _client_ from the developer portal. Clients have their own set of authorization tokens that can be changed over time without breaking the association to a specific client. Server authorization tokens are Ecosystem-wide and provide unrestricted access to all resources in the Ecosystem. Server authorization tokens are passed in the HTTP `authorization` header with every request. [block:callout] { "type": "warning", "body": "Server authorization tokens should be kept secure and never embedded in an application where the code base could be accessed by the end-user. Stored in a server is okay. Stored in a mobile app or in the client-side of a web application will compromise your credentials.", "title": "Keep Server Credentials Secure" } [/block] [block:api-header] { "type": "basic", "title": "Notifications" } [/block] Your server can get real-time notifications of device state changes by using [Webhooks](doc:webhooks).