You must authenticate your requests to secured endpoints using your organization secret X-ORGANIZATION-SECRET:
Method 1: Authenticating as an organization admin
Required headers:
X-ORGANIZATION-SECRET
When authenticating in this way, your request is performed as an admin and has full access to the organization.
Method 2: Authenticating as a user
Your request can authenticate as a specific user that belongs to your organization. To do so, in addition to the Service Token, you need to provide the user's ID in the following header:
Required headers:
X-ORGANIZATION-SECRETX-USER-ID
If the specified user does not exist in Sensay API, an unauthorized error will be returned.
Method 3: Authenticating as user by one of their linked accounts' ID
You can also authenticate as a user by alternative IDs that have been associated to the user using the Users endpoints.
To do so, in addition to the Service Token and the user's ID, you need to provide the user's ID type in the following header:
Required headers:
X-ORGANIZATION-SECRETX-USER-IDX-USER-ID-TYPE
See POST /users for the list of supported IDs.
If the specified user does not exist in Sensay API, an unauthorized error will be returned.