Authentication

Canteen's Admin API requires authentication via Access Tokens to ensure secure communication between clients and our system. Every request to our API must include a valid token in the Authorization header.

Obtaining an Access Token

To get started, you need to request an Access Token by contacting us. Once approved, you'll receive:

• Your Access Token – Used to authenticate requests.
• Your Organization UUID – A unique identifier for your organization, which must be included in API requests.

Using the Access Token

Authentication is handled using Bearer Token Authentication. This means that every request you send to the API must include your token in the Authorization header. Here’s an example of how to make a request:

Example: Fetching Resources

curl https://<your-org-uuid>.canteenweb.com/api/v1/admin/resource \
  -H "Authorization: Bearer your-access-token"

Security Notes

• Keep your Access Token confidential and never expose it in client-side code.
• If your token is compromised, revoke it immediately and generate a new one.
• Tokens may have expiration policies. Ensure you refresh them as needed.