Protected Resources

Some methods require Authentication, the method documentation details whether Authentication is required. You are providing a username and password of a JustGiving user, this shouldn’t be confused with providing a Application ID in the URL.

The Authentication used by the JustGiving API is known as “Basic Authentication”. This means that a username and password are Base64 encoded and sent as part of the HTTP header as raw text. The API uses SSL so these details will remain secure. Each request that requires Authentication will require the Authentication header to be included.

Our methods are secured in three categories, "Authentication required" which require a valid basic auth header to access, "Authentication not required" where regardless of basic auth header, the resource you're requesting is available, and "Optional" where you may get different data from a resource if you supply authentication credentials which indicate ownership.

A good example of the "Optional" authentication model is our Donation API, which will return exactly the same data as the JustGiving website if you're not authenticated, however if you authenticate as the page owner, any data which is disabled from view on the web (donation amounts, real names) will become visible over the API, much like when you view your page in your end user account.

Have more questions? Submit a request


Please sign in to leave a comment.