The Access Token

After obtaining an Access Token, include it in the Authorization header of each API request. (The Access Token identifies who you are - and your set of permissions.)

GET /backstage/api/1.0/[account_id]/campaigns/[campaign_id]/
Host: https://backstage.taboola.com
Authorization: Bearer [access_token]
Content-Type: application/json

πŸ“˜

Replace [access_token] with your actual token.

An Access Token is valid for 12 hours. Once revoked, you will need to obtain a new one. You can do so in 1 of 2 ways:

a) Submit a Refresh Token.
OR
b) Initiatie a new authentication flow.

🚧

Either of the following will result in a 401 Unauthorized response:

  • An invalid or expired Access Token.
  • An API call that is missing an Authorization header.