|This article is a short introduction to the anatomy of a Push API request. If you'd like more information, see the full documentation for the Urban Airship Push API.|
The API Request Format has several parts:
- HTTP Method
All requests to the Push API must be made using the POST method.
You will authenticate to the push API with the App Key and either the App Secret or the App Master Secret that can be found on your Urban Airship dashboard at https://go.urbanairship.com/ under Settings > APIs & Integrations. The App Secret and App Master Secret work much like a username and password.
The App Secret is restricted to certain low-security APIs, as it is intended to be included in the distributed app. The Master Secret is needed for sending messages and other high-value requests, and as such must be guarded carefully.
|Anyone with your app's Master Secret can send notifications to your entire audience. Please keep this safe and never embed it in your distribution app.|
In most cases the App Key and the App Master Secret will be passed to the API separated by a colon.
It should look something like this:
Whether to use the App Secret or the Master Secret in an API request is indicated in the Authorization: string of the example requests:
If you need to use the App Secret, the example will show:
Authorization: Basic <authorization string>
If you need to use the App Master Secret, the example will show:
Authorization: Basic <master authorization string>
|More information on authentication is available in our documentation on App Keys & Secrets: Security|
All Urban Airship API requests use two required headers. The first specifies the format of the data in the payload, the second specifies the format and the API version that is being used (at this time only version=3 is valid).
"Accept: application/vnd.urbanairship+json; version=3;"
This is the section where all the options for the push request go. This can be very complex if there are many options for the push.