Braze API Authentication – Documentation

Alpesh Shinde
Posted by Alpesh Shinde April 19, 2023

Authentication types

Using basic authentication

If the URL requires basic authentication, Braze can generate a basic authentication credential for you to use in your API call. You can manage existing basic authentication credentials and add new ones in the Connected Content tab of Manage Settings.

To add a new credential, click Add Credential. Give your credential a name and enter the username and password.

You can then use this basic authentication credential in your API calls by referencing the token’s name:

Hi there, here is fun some trivia for you!: {% connected_content https://yourwebsite.com/random/trivia :basic_auth credential_name %}

Note:

If you delete a credential, keep in mind that any Connected Content calls trying to use it will be aborted.

Using token authentication

When using Braze’s Connected Content, you may find that certain APIs require a token instead of a username and password. Included in the following call is a code snippet to reference and model your messages off of.

{% assign campaign_name="New Year Sale" %}

{% connected_content

https://your_API_link_here/

:method post

 :headers {

 "X-App-Id": "YOUR-APP-ID",

 "X-App-Token": "YOUR-APP-TOKEN"

 }

 :body campaign={{campaign_name}}&customer={{${user_id}}}&channel=Braze

 :content_type application/json

 :save publication

%}

Using Open Authentication (OAuth)

Some API configurations require retrieval of an access token that can then be used to authenticate the API Endpoint that you want to access.

Retrieve the access token

The following example illustrates retrieving and saving an access token to a local variable which can then be used to authenticate the subsequent API call. A :cache_max_age parameter can be added to match the time that the access token is valid for and reduce the number of outbound Connected Content calls. See Configurable Caching for more information.

{% connected_content

https://your_API_access_token_endpoint_here/

:method post

:headers {

“Content-Type”: “YOUR-CONTENT-TYPE”,

“Authorization”: “Bearer YOUR-APP-TOKEN”

}

:cache_max_age 900

:save token_response

%}

Authorize the API using the retrieved access token

Now that the token is saved, it can be dynamically templated into the subsequent Connected Content call to authorize the request:

{% connected_content

https://your_API_endpoint_here/

:headers {

“Content-Type”: “YOUR-CONTENT-TYPE”,

“Authorization”: “{{token_response}}”

}

:body key1=value1&key2=value2

:save response

%}

Cookie Value: