🔐
Authentication
Created
Jun 7, 2021 09:30 AM
Tags
Description
Documentation on authenticating with the Pixel Chat API
Authentication with the Pixel Chat API is fairly simple. All requests must be authenticated.

Step 1: Create a token

Visit pixelchat.tv/dash/profile/tokens and create a new token, we recommend creating a new token for each application you plan on using. At the moment these tokens are account wide, as such anyone with one of your tokens can access and edit certain information about your account. Due to this we highly recommend that you don't share these tokens with anyone, although the "damage" they could do would be very limited, it's still better to always be in full control of your own account. If you suspect one of your tokens has gotten into the hands of someone it shouldn't have, you can remove a token from the same page you created it, this will expire the tokens immediately, and it will stop working right away.

Step 2: Request authentication

In every request you make to the api, include the token as a x-api-key Header in the request. Also, though not required, we ask that you also send a x-application header containing a unique name for the application you're using this token with. Here's an example using Fetch in JavaScript:
const req = await fetch(`https://api2.pixelchat.tv/public/user`, 
	{
		headers: {
			"x-api-key": "asdf12344321fdsa",
			"x-application": "mobile stream button app"
		}
	}
)

const res = await req.json();

console.log(res)
In some rare cases if you are not able to set the headers of the request, you can include your token in the query parameters as the ?token parameter. Though whenever you can we recommend that you use the headers.

Step 3: Profit

Enjoy the API and make cool things!

Extra info:

Any requests made to the API without a token header, or with a invalid or deleted token will resolve in a 401 Unauthorized error.
 
One other thing to note, is these tokens will not work with the internal/private Pixel Chat API, and by using the Public API you agree not to attempt to reverse-engineer or use the Private API without explicit permission from Pixel Chat.