Developer Documentation
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  2. /
  3. Authentication
  4. /
  5. Basic Authentication

Basic Authentication

HTTP Basic Authention is supported by our REST API. It provides a simple and straightforward way to authenticate to our API as a user. However, it does some with a caviat. Keep reading.

The recommended way to use HTTP Basic Authentication is to instruct the HTTP client library or tool that you use to send a header on every API request you send us. You’ll need a valid username and password on the account you wish to perform API operations under. This is a widely supported feature since it’s part of the core HTTP specification. The client library will add a header that looks something like the following:

Authorization: Basic dGVzdEB1c2VyLmNvbTp0ZXN0cGFzc3dvcmQ=

The header contains two parts. The first part is the string that denotes that this authorization request is of the type “Basic”, as opposed to “Bearer”. Next is a base64 encoded string. If you were to decode that base64 string, you’d get this: test@user.com:testpassword This tells our servers that you wish to perform the current operation under the user test@user.com that happens to have a password of testpassword. Note: The operation would be performed under the account where test@user.com lives.


curl -u 'test@user.com:testpassword' \
'https://api.teletracker.net/reports/call-data?start_date=2022-10-01&end_date=2022-10-02'

{"success": true, "data": [ ... ]}

That API endpoint requires that you authenticate using a valid user. Curl makes it easy using Basic Authentication right on the command line without any extra steps.


If your user has access to multiple accounts, you must take care to always specify the account_id in every API request you send us. This will guarantee that the API operation is to be performed under the correct account that you want. The problem is that our API endpoints will happily allow you to leave this value out and still execute the operation.

If you leave out the account_id value, you may execute the API operation on any one of the accounts that is associated with your user, and it may not be the one you want. So don’t do it.


curl -u 'test@user.com:testpassword' \
'https://api.teletracker.net/reports/call-data?start_date=2022-10-01&end_date=2022-10-02&account_id=12345'

{"success": true, "data": [ ... ]}

Note the account_id=12345 value that was appended on the end of the URL guarantees that you get call reports from account id 12345. This assumes test@user.com has access to that account.


How do I know if my user has access to multiple accounts?

Sign in to your account admin app. If you have access to multiple accounts, you’ll be presented with a list of accounts to choose from right after signing in successfully. If you’re already signed in, look for the account dropdown in the top left of the app. You’ll see multiple accounts in the list. If you do not see any other accounts, then your user only has access to your one account.