|This article is a short introduction to the anatomy of a Push API request. If you'd like more information, see the full documentation for Airship's Push API.|
The API Request Format has several parts:
- HTTP Method
All requests to the Push API must be made using the POST method.
You will authenticate to the push API with the App Key and either the App Secret or the App Master Secret that can be found on your Airship dashboard at https://go.urbanairship.com/ under Settings > APIs & Integrations. The App Secret and App Master Secret work much like a username and password.
The App Secret is restricted to certain low-security APIs, as it is intended to be included in the distributed app. The Master Secret is needed for sending messages and other high-value requests, and as such must be guarded carefully.
|Anyone with your app's Master Secret can send notifications to your entire audience. Please keep this safe and never embed it in your distribution app.|
In most cases, the App Key and the App Master Secret will be passed to the API separated by a colon.
It should look something like this:
Whether to use the App Secret or the Master Secret in an API request is indicated in the Authorization string of the example requests.
If you need to use the App Secret, the Authorization header contains the word
Basic followed by a space and a Base64-encoded string generated from your app key and app secret in
appKey:appSecret format, e.g.,
Authorization: Basic <authorization string>
If you need to use the App Master Secret, the Authorization header contains the word
Basic followed by a space and a Base64-encoded string generated from your app key and master secret in
appKey:masterSecret format, e.g.,
Authorization: Basic <master authorization string>
|More information on authentication is available in our documentation on App Keys & Secrets: Security and Authentication via Airship API.|
Another form of authentication is via HTTP Bearer Auth, A bearer token is generated using the Airship dashboard. You can generate tokens for different roles; if your role does not grant you access to a feature, the endpoint will respond with a 401. Tokens can be revoked at will via the Airship Dashboard.
All Airship API requests use two required headers. The first specifies the format of the data in the payload, the second specifies the format and the API version that is being used (at this time only version=3 is valid).
"Accept: application/vnd.urbanairship+json; version=3;"
This is the section where all the options for the push request go. This can be very complex if there are many options for the push.
Please see our complete API reference documentation for more information.
Select the domain (.com or .eu/asnapieu.com) associated with your Airship project.