Skip to main content

Authentication with Terminal49

This guide covers everything you need to know about authentication with Terminal49’s API, including obtaining API keys, implementing authentication in your code, and security best practices.

How Terminal49 Authentication Works

Terminal49 uses a token-based authentication system. Each request to the API must include an API key in the request headers to authenticate the request.
Authentication is required for all API endpoints except for the documentation and health check endpoints.

Getting Your API Key

To obtain an API key:
  1. Sign in to your Terminal49 account
  2. Navigate to Developer Settings
  3. Click “Generate New API Key”
  4. Name your key based on its intended use (e.g., “Production Integration” or “Development Testing”)
  5. Copy and securely store your API key - you won’t be able to view it again
API keys grant access to your data and should be kept secure. Never share your API key or commit it to version control systems.

Using Your API Key

When making requests to the Terminal49 API, you need to include your API key in the Authorization header of each request with the prefix Token. 
Authorization: Token YOUR_API_KEY
Here’s how to include the Authorization header in different programming languages:
JavaScript/Node.js
// Using fetch API
const response = await fetch('https://api.terminal49.com/v2/shipments', {
  headers: {
    'Authorization': 'Token YOUR_API_KEY',
    'Content-Type': 'application/vnd.api+json'
  }
});

// Using Axios
const axios = require('axios');
axios.get('https://api.terminal49.com/v2/shipments', {
  headers: {
    'Authorization': 'Token YOUR_API_KEY',
    'Content-Type': 'application/vnd.api+json'
  }
});
PHP
<?php
// Using cURL
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.terminal49.com/v2/shipments");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: Token YOUR_API_KEY',
    'Content-Type: application/vnd.api+json'
]);

$response = curl_exec($ch);
$data = json_decode($response, true);
curl_close($ch);

// Using Guzzle HTTP client
// Install with: composer require guzzlehttp/guzzle
require 'vendor/autoload.php';

$client = new GuzzleHttp\Client();
$response = $client->request('GET', 'https://api.terminal49.com/v2/shipments', [
    'headers' => [
        'Authorization' => 'Token YOUR_API_KEY',
        'Content-Type' => 'application/vnd.api+json'
    ]
]);

$data = json_decode($response->getBody(), true);
?>
Python
import requests

url = "https://api.terminal49.com/v2/shipments"
headers = {
    "Authorization": "Token YOUR_API_KEY",
    "Content-Type": "application/vnd.api+json"
}

response = requests.get(url, headers=headers)
Ruby
require 'net/http'
require 'uri'
require 'json'

uri = URI.parse('https://api.terminal49.com/v2/shipments')
request = Net::HTTP::Get.new(uri)
request['Authorization'] = 'Token YOUR_API_KEY'
request['Content-Type'] = 'application/vnd.api+json'

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http|
  http.request(request)
end
C#
using System;
using System.Net.Http;
using System.Threading.Tasks;

class Program
{
    static async Task Main()
    {
        using var client = new HttpClient();
        client.DefaultRequestHeaders.Add("Authorization", "Token YOUR_API_KEY");
        client.DefaultRequestHeaders.Add("Content-Type", "application/vnd.api+json");

        var response = await client.GetAsync("https://api.terminal49.com/v2/shipments");
        var content = await response.Content.ReadAsStringAsync();
        Console.WriteLine(content);
    }
}

Troubleshooting Authentication Issues

Common Error Responses

HTTP StatusMessagePossible Cause
401 Unauthorized”Invalid API Key”The API key is incorrect or has been disabled
401 Unauthorized”Missing API Key”No Authorization header was provided
403 Forbidden”Insufficient permissions”The API key doesn’t have permission for the requested action

Debugging Tips

  1. Check the Authorization header: Ensure it’s properly formatted as Token YOUR_API_KEY
  2. Verify the API key: Check that you’re using the correct API key for the environment
  3. Test with curl: Try a simple curl request to isolate authentication issues
curl Example
curl -H "Authorization: Token YOUR_API_KEY" \
     -H "Content-Type: application/vnd.api+json" \
     https://api.terminal49.com/v2/shipments

Disabling API Keys

If an API key is compromised or no longer needed:
  1. Sign in to your Terminal49 account
  2. Navigate to Developer Settings
  3. Find the API key you want to disable
  4. Click the “Disable Key” button (circular icon with a line through it)
Disable API Key location
Disabling an API key is immediate. Any applications using the key will lose access to the API.

Next Steps