Basic authentication

Bango requires HTTP Basic authentication for Bango API calls. This stops unauthorized access to the Bango Platform, and ensures all your calls can be traced back to you.

Bango supplies you with two sets of credentials when you sign up (see What Bango needs from you):

• Test credentials: use these when developing and testing your code. These provide full API access, but sandboxed so you can't accidentally contact live third-party services.
• Production credentials: use these for your live code. These provide access to all the third-party services configured for you. Bango only authorizes these credentials for use after your testing is complete and verified.

Access to each Bango API is authorized separately. Test or production credentials for one API won't work with another API until Bango authorizes access.

Each set of credentials is a username and password, and identifies, authenticates, and authorizes an organization (not an individual user or developer). Combine the username and password to form a standard HTTP Authorization header, and make sure this header is present in every request to the Bango API. For example, if your username is "MyOrganization" and your password is "elephant-notepad-dancer", include the following header with every request:

Authorization: Basic TXlPcmdhbml6YXRpb246ZWxlcGhhbnQtbm90ZXBhZC1kYW5jZXI=

(The token after Basic is the Base64 encoding of MyOrganization:elephant-notepad-dancer.)

If the Bango API responds to your requests with HTTP 401 UNAUTHORIZED, this may mean your Authorization header is wrong. Check you're using the correct credentials, and that you've correctly encoded the token using Base64.